Network World Radio/Podcast:

Radio: Service-Oriented Architecture
Network World Senior Editor Denise Dubie talks with IBM Global Services' Michael Liebow about the company's service-oriented architecture (SOA) strategy.
DocFinder: 8142

Multimedia Exchange
Multimedia Editor Jason Meserve examines Project Gizmo, a VoIP alternative to Skype. "The call quality was pretty good, though there were a few 'feedback' sounds that were a bit grating."
DocFinder: 8143

Cool Tools Daily Dose
Keith Shaw details Verizon's latest "must have" cell phone — the LG VX8100, a handset designed for the service provider's CDMA EV-DO wireless network. The VX8100 is optimized for the company's VCast video-on-demand service, and includes Bluetooth,
DocFinder: 8144

Forum: Best place to stop spyware
Where's the best place to combat spyware? C. David Moll, CEO of Webroot Software, says only desktop spyware protection will fully protect today's mobile workforce. Vilis Ositis, CTO of Blue Coat Systems, however, argues that proxy servers may be the only long-term solution to the problem. What do you think?
DocFinder: 8145

Online help and advice

Nutter's Help Desk
Windows 2003 DNS servers
Help Desk guru Ron Nutter helps a user who asks: "We don't allow (or want to allow) any outside access to anything on our network. Do I need to run DNS on my network at all?"
DocFinder: 8147

Small Business Tech
Columnist James Gaskin takes a look at Ipswitch's network monitoring software.
DocFinder: 8148

Gearblog
Mark Gibbs looks at the work being done at Princeton in the Princeton Engineering Anomalies Research program to measure the effect that humans might have on machines.
DocFinder: 8150

Seminars and events

VORTEX 2005
Join us in San Francisco for an all-new VORTEX conference. It's the only forum where influential senior IT executives, industry giants and technology disruptors come together to renew and reset the agenda of the $1 trillion enterprise IT market.
DocFinder: 8149

BREAKING NEWS
Go online for breaking news every day.
DocFinder: 1001

Free e-mail newsletters
Sign up for any of more than 40 newsletters on key network topics.
DocFinder: 1002

What is DocFinder?
We’ve made it easy to access articles and resources online. Simply enter the four-digit DocFinder number in the search box on the home page, and you’ll jump directly to the requested information.


NEWSbits

Security lapse costs company key clients

Visa and American Express last week said they’ve terminated their contracts with Atlanta-based processor CardSystems Solutions, with Visa specifically citing CardSystems’ lack of appropriate controls in place to protect cardholder information. The decision by Visa and American Express follows the disclosure last month that vulnerabilities in CardSystems’ network allowed an outsider to gain access to as many as 40 million credit card numbers. MasterCard International, however, said it would continue to work with CardSystems because of what it perceives as improvements in the company’s security.

■ IBM makes management changes

IBM last week announced a major shift in its executive ranks. John Joyce, senior vice president for IBM’s services business, is leaving to join Silver Lake Partners, a private equity firm. His duties now will be split. Virginia Rometty will be senior vice president in charge of high-end consulting services, and Mike Daniels will become a senior vice president in charge of traditional outsourcing services. In addition, Janet Perna, general manager of IBM’s Information Management unit, has announced her plans to retire. Perna’s unit is responsible for development and sales of the DB2 database products.

■ Expert: U.S. not set for ’Net attack

The Department of Homeland Security needs to develop a recovery plan for widespread attack on the Internet, and it needs stable leadership in cybersecurity, a government investigator last week told a Senate subcommittee. While DHS can track Internet threats, it doesn’t have an Internet recovery plan or a national cybersecurity threat assessment, said David Powner, director of IT management for the Government Accountability Office. DHS is making progress, but more work needs to be done, he said. “Until DHS addresses its many challenges ... it cannot function as a cybersecurity focal point for coordinating federal law and policy,” Powner said. “The result is an increased risk, and large portions of our critical infrastructure are unprepared to effectively handle a cybersecurity attack.” Senators echoed Powner’s criticisms. “The United States does not currently have a robust ability to detect a coordinated attack on our critical infrastructure, nor does it have a measurable recovery and reconstitution plan for key mechanisms of the Internet and telecommunications system,” said Senator Tom Coburn (R-Okla.).

■ Cisco’s Linksys acquires firm

Cisco’s Linksys division is set to make a leap into networked entertainment devices with the acquisition of KISS Technology, in Horsholm, Denmark. The company, whose name stands for Keep It Simple Solutions, makes a range of consumer products for the European market that includes DVD players, a video recorder and a plasma TV that all can link into home data networks. Linksys will pay about $61 million in cash and stock for all the shares of KISS and will integrate the company into Linksys upon approval of the deal, expected in the first quarter of Cisco’s 2006 fiscal year, ending in October. After the acquisition, KISS will continue to sell its current products in Europe under the KISS brand for a long time, said Janie Tsao, a cofounder of Linksys and senior vice president of sales, marketing and business development. Linksys, the largest vendor of home network equipment, such as Wi-Fi routers, wants to get into “networked entertainment” products such as DVD players that can communicate with PCs and other devices on a home network and send video streams to a television.

■ Dauber takes Nevis helm

Santa Clara security start-up Nevis Networks last week named Charles Dauber its president and CEO. Dauber had been vice president for security systems at Blue Coat. Nevis, which expects to announce a high-speed ASIC-based appliance for LAN security later this year as its first product, said it has received $32.5 million in venture funding from New Enterprise Associates, Blue Run and New Pass Ventures. The company was founded in 2002 by Marish Muthal and Amol Mahajani, who formerly worked in product development at Juniper and Cisco.

“MPLS craps up the network. It makes it more complicated than it needs to be, and they could just throw more bandwidth at the problem and solve it.”

David Isenberg, author of The Rise of the Stupid Network, on bandwidth limitations that plague videoconferencing, speaking at Wainhouse Summit in Boston.

“Scientists at Microsoft work long hours to convert the blue screen of death to the new Longhorn red screen of death.”

William Flusek of Cedar Rapids, Iowa, must know we're a sucker for a good Microsoft joke and wins this week's contest. Come back every Monday for the start of a new tilt, www.networkworld.com/weblogs/layer8

TheGoodTheBadTheUgly

Network skills paying off. Don't believe everything you hear about how offshore outsourcing is putting the squeeze on IT wages in the U.S. Or so says research firm Foote Partners, whose latest pay survey of 50,000 IT pros cites strong 2005 pay growth for those with applications development, database, enterprise software, networking and systems administration skills. Pay rises for those with network skills led the way through the first six months of this year, at 5.1%.

Tune this worm out. A new worm disguised as an iTunes file is making the rounds, according to security firm Trend Micro. The low-risk worm, being circulated through AOL Instant Messenger, is called "WORM OPANKI.Y" and is being distributed in a file called "lTunes.exe."

Web waste. Employees are using the Web more and more for personal reasons, and that is setting U.S. companies back $178 billion annually, a cost of $5,000 per employee, according to a new study from Websense. The 10,000-plus IT managers surveyed on average estimated that each employee is using the Internet for personal use for 5.9 hours per week.
Verizon joins managed security game

Carrier to offer managed service based on tools it has been using internally.

BY JIM DUFFY

[Chart: No slowdown in spending. Spending on managed security services in the U.S. is being projected to grow steadily. Axis: Spending (in millions).]

Verizon is readying managed security services that exploit technologies the carrier has been using to safeguard its own network operations.

Verizon has begun briefing its Enterprise Solutions Group customers on the services, which will be offered on a nationwide basis. Managed security will be run by 48 technicians working three shifts to provide 24/7 surveillance from the carrier’s Global Security Operations Center near Dallas.

“What we’re doing is looking at Verizon capabilities, specifically internal, where we have a significant investment,” says Bill Hummel, product manager for managed security and storage services. “Why can’t we offer this same internal Verizon expertise to our customers?”

Verizon joins an expanding list of RBOCs, interexchange carriers, managed security service providers (MSSP) and systems integrators offering outsourced security services. AT&T recently began offering enterprise services based on technologies and processes initially used internally (www.networkworld.com, DocFinder: 8152). SBC recently added a managed intrusion-prevention service to its roster of security services.

MCI, which is being acquired by Verizon, bought MSSP NetSec earlier this year.

“It’s certainly something that the business customer community expects of the RBOCs,” says Dave Lemelin, senior analyst at In-Stat. “When you look at the IT professionals in enterprise businesses, two of the top three challenges they have today are how to handle storage and how to handle security. When you look at middle-sized businesses . . . they don’t have the resources that the larger companies do.”

According to The Yankee Group, businesses spent $150 million on network-based security services in 2003. By 2008, the firm forecasts that spending will swell to $570 million, a compound annual growth rate of 30.6%.

The Yankee Group estimates that the cost of deploying carrier-based services is 20% less than the cost of customer premises-based services.

Among the specifics

Verizon’s managed security services will include:

• Event management.
• Firewalls.
• VPNs.
• Intrusion detection and mitigation.
• Vulnerability management.
• Compliance management, which will tailor services around regulations to which a company must adhere.
• Anti-spam/anti-virus.
• Identity management.
• Security intelligence, such as data on threats and mitigation techniques.
• Encryption.
• Professional services.

Verizon says the managed security equipment and services it offers is expected to stay up 99.7% of the time. Pricing is customer-specific, but can run from $250 to $2,500 per month, depending on the type of firewall and level of service needed, the company says.

Customers will have a Web portal from which they can gain access to security reports, view
See Verizon, page 16

Schools battle personal data hacks

BY JOHN COX

“It was, and is, a lot of work.”

That’s how University of Connecticut CIO Michael Kerntke rather wearily summed up the school’s response to a discovery in June of a data breach that exposed the personal information of 72,000 current and former students, faculty and staff.

And UConn’s breach is not even the latest in a series of incidents that have cropped up on campuses, from small community colleges to some of America’s most prestigious schools. Michigan State disclosed earlier this month that an attack on a server at the College of Education might have compromised Social Security numbers of more than 27,000 students.

And SecurityFocus.com reported two weeks ago about a programming error in the University of Southern California’s online student application system that opened a hole into a database of personal information. The university confirmed that the database had about 270,000 records with names and Social Security numbers. “However, it appears that only a small number of these records were actually exposed,” according to a university statement.

Until recently, California was so far the only state that requires organizations that hold such data to notify consumers, or in this case students, when their personal information has been exposed, even if it hasn’t been read or stolen.

But UConn, like many schools, now has a policy to notify users if such a breach exposes personal data. Current UConn students and employees were notified via e-mail; those no longer at the school were sent a letter. The labor involved accounted for much of the workload, Kerntke noted.

Hacker motives

So far, many attackers don’t seem to be targeting school databases for identity theft, according to some IT executives. “In many cases, hackers don’t do it to steal information or cause problems, but to satisfy an unusual curiosity and also because they can,” says Rey LeClerc, chief security information officer at Case Western Reserve University in Cleveland. Another cause is hackers looking for extra space to store music files.

But when hacked departmental servers, desktop and laptop PCs also contain personal information, the exploit becomes a much bigger headache for campus IT professionals.

“If someone hacks a desktop machine to store music files and that PC has a spreadsheet with privacy data, such as student names, Social Security numbers and so on, then we have to manage that breach, and notify students and parents,” says Walter Czerniak, associate vice president of information technology at Northern Illinois University (NIU) in DeKalb. Illinois recently passed a notification law similar to California’s, he says.

Checking data

The drive to protect personal data forces schools to conduct audits to find out who is keeping what information where. Last year, Czerniak says, a NIU teaching assistant published a local Web page for his students, with information about their grades. But he left the Social Security numbers
See Breach, page 16


IBM readies update for key mainframe

BY JENNIFER MEARS

IBM is set to unveil an update to its high-end z990 mainframe that analysts say will enhance the system’s reliability and security and bring as much as a 40% performance boost to a product that is aimed at corporate users running very large database and transactional systems.

The official announcement is expected at an IBM event in New York on Tuesday that is being hosted by Bill Zeitler, senior vice president and group executive of IBM’s systems group. An IBM spokesman declined to comment, except to say that the event is “bigger than the mainframe.”

Industry observers expect the event to focus on IBM’s larger on-demand and virtualization strategy, where the mainframe will play a key role.

“IBM continues to try to make the mainframe the center of the on-demand data center and they’re going to enhance the things they think are required in that area: security and availability, plus providing more flexibility,” says John Phelps, an analyst at Gartner.

“Their challenge is to be able to enhance it such that it can draw in other platforms and work with them,” he says.

Analysts also expect the new machines to be bigger and faster. The system will be built on engines running at 600 MIPS, analysts say. The z990 has engines running at about 450 MIPS.

In addition, while the new system isn’t expected to have more processors, end users will be able to allocate more of them to workloads so that the system can scale up to a 38-way machine. The z990 scales to a 32-way configuration because some of the processors are allocated strictly for spares or system-assist functions.

During a conference call with analysts following the release of IBM’s second-quarter financial results last week, IBM CFO Mark Loughridge said that a new zSeries will be announced this week, “with availability in September.” He said that integration, security and workload management features will be enhanced in the new mainframe.

After double-digit growth in 2004, zSeries revenue has taken a hit. Revenue declined 24% during the second quarter, compared with the same quarter a year ago, caused in large part by customers awaiting the new product announcement, Loughridge said.

At the same time, workloads running on the mainframe are expanding. “About 60% to 70% of our revenue is associated with new workloads, particularly Linux, enterprise applications and WebSphere,” Loughridge said.

Joe Poole, technical director at Boscov’s department stores in Reading, Pa., runs Linux instances on a z900, and is planning to upgrade to a z990 this year.

If the new zSeries is available in September, Boscov’s may get that machine rather than the z990, Poole says. The most interesting aspect of the new mainframe is the faster processor, he says.

“Most of the software we license ... is by CPU, not by speed,” Poole says. “The faster the chip, the more we benefit. If the speed increases by a third, that means we can put more work on the z/VM side and run even more Linux instances.”

IBM also is expected to put the first touches on its new network-attached storage (NAS) strategy, which the company initiated in April when it signed a deal with Network Appliance to resell and re-brand NetApp file servers.

IBM is expected to announce the new TotalStorage N3700 NAS system. The N3700 is a re-branded Network Appliance FAS270 Series file server — a mid-range system with up to 8T bytes of capacity and Fibre Channel capability for connection to storage-area networks as well as Gigabit Ethernet LANs. The system is expected to be available in August. Pricing has not been determined, sources say.

IBM also is expected to announce that it will double the cache to 8G bytes per controller on its TotalStorage DS4800 array and support 4G-bit Fibre Channel switching technology.

Network World Senior Editor Deni Connor contributed to this story.

Growing Big Iron

IBM says 60% to 70% of current mainframe revenue is associated with new workloads, particularly Linux, enterprise applications and WebSphere.


Managed storage services in store

Verizon is also turning up managed storage services for enterprise customers. Those operations, also born of internal practices, will be run from a Verizon data center in Tampa, Fla.

Managed storage will encompass everything from data backup, archival and recovery to storage-area network operation and management, says Bill Hummel, product manager for managed security and storage services. If customers choose to situate storage equipment in their own facilities, Verizon also will manage that, he says.

The impetus for entering this market was driven by the requirement of businesses to comply with regulations for recording data, as well as growth in the mid-range storage device market of 48% per year, Hummel says, citing data from partner EMC.

The compliance aspect hits home with some users.

“We've developed strategy right now where we’re trying to be more conducive to federal regulations," says Robert Primavera, assistant vice president at Eastern Bank in Lynn, Mass., which uses Verizon SONET network facilities. “We're strategizing with a number of different companies ... to not only keep data on files but be able to retrieve it in a timely manner."

Primavera says Verizon has not briefed him about the storage service.

Verizon had been offering its internal storage capacity to corporations on a limited, customized basis, but the carrier is opening up its internal IT and data center capabilities to enterprise customers with standard service-level agreements, Hummel says. Pricing is based on how much storage capacity is used, as well as the sophistication of storage equipment and network facilities, he says.
Jim Duffy


Verizon

continued from page 8

activity and request changes.

Customer demand cited

Until now, Verizon offered security services from Integralis, a security systems integrator with U.S. operations in East Hartford, Conn. The carrier bundled “point” solutions from Integralis, such as a firewall, with Verizon network services and VPNs.

Now Verizon customers are pushing the carrier to provide them with the same comprehensive security products and procedures Verizon uses for its own network, which supports 210,000 desktops and eight major data centers.

“Customers have asked us, ‘If you’re doing it for yourself and keeping the threats out of your own company, can you help us by providing the cybersecurity along with the network?’” Hummel says. “We’re taking a much larger role and a much bigger presence.”

Verizon and Integralis say they will continue to partner. Integralis will continue to purchase, install and maintain security equipment, while Verizon personnel will monitor customer networks. Previously, Integralis personnel provided monitoring.

Hummel says Verizon will continue to partner with Integralis for optional security extensions should customers request them. Integralis says each company’s security portfolios will “strategically complement each other.”

Verizon also will bundle security services around customer premises products and services it offers from strategic partners Alcatel, Cisco, EDS, EMC, IBM, Lucent, NEC and Nortel.

In addition to the 48 technicians at its Global Security Operations Center, Verizon has 11 designers who consult with customers to tailor a security plan, Hummel says. Verizon plans to expand that staff, he says.

Hundreds of enterprise systems engineers also are being trained on all aspects of the operations center and the managed security offerings, Hummel says. The operations center has a primary backup facility and Verizon has several secondary centers, he says. ■


nww.com 

More  on  managed  security 

Learn  about  how  customers  are  exploiting 
managed  security  services: 

DocFinder:  8155 


Industry weighs in on HP revamp


New Hurd order

Since its acquisition of Compaq, HP has undergone many changes.

May 3, 2002: HP and Compaq officially merge in a $25 billion deal, beginning operations as one unified company.

Nov. 20, 2002: HP Chairman and CEO Carly Fiorina announces the company will cut close to 18,000 jobs in the wake of the Compaq merger.

Jan. 14, 2005: Fiorina combines HP printer and PC divisions, saying the move will foster efficiency and help the company deliver products more quickly.

Feb. 9, 2005: Fiorina steps down at the board's request and walks away with more than $21 million in severance.

March 29, 2005: HP names Mark Hurd as its new CEO and president. Hurd previously spent 25 years at NCR, with two years as CEO and president there.

June 13, 2005: Hurd splits HP's recently merged printer and PC groups into two divisions, and hires former PalmOne CEO R. Todd Bradley as the executive vice president of the Personal Systems Group.

July 12, 2005: HP hires former Dell CIO Randy Mott to serve as an executive vice president and new CIO at HP.

July 18, 2005: HP independent user group Interex disbands and HP World 2005 conference slated for August is canceled immediately as HP puts its efforts into its new HP Technology Forum conference in September.

July 19, 2005: Hurd announces HP will lay off 14,500 employees in an effort to cut costs by $1.9 billion per year.


BY  JENNIFER  MEARS 
AND  DENISE  DUBIE 

HP is taking some drastic steps to restructure itself, aiming to cut costs and respond more quickly to market and customer demands. But some users and industry experts aren’t convinced the company is headed in the right direction.

Last week, new CEO Mark Hurd made good on industry expectations and slashed HP’s workforce. The massive reorganization, which will cut 14,500 jobs (10% of the workforce), revamp retirement benefits and restructure internal business units, is expected to save the company $1.9 billion annually beginning in 2007. HP, set to announce its third-quarter earnings next month, posted a strong second quarter, outpacing analyst estimates with revenue of $21.6 billion.

HP’s financial results in the past few quarters, however, have been uneven at best, leading to the ouster of CEO Carly Fiorina earlier this year. Hurd told reporters and analysts in a conference call detailing the latest staff reductions that the restructuring was just getting started, but he wasn’t specific about what moves might come next.

The cuts follow several earlier moves by Hurd, who took the helm in March, to rejigger HP’s internal structure. Among the changes was the breakup of the PC and printer groups that were fused by Fiorina in January and new hires, including former Dell CIO Randy Mott to run HP’s internal IT department. Hurd says the moves are designed to create a simpler, more flexible HP that can innovate and operate more closely with its customers.

Still, the moves leave some industry observers scratching their heads. Hurd, for example, says the cuts would only minimally impact HP’s research efforts, but then the company confirmed it was cutting four projects at its labs.

“We still need to hear more about strategy and differentiation,” Merrill Lynch analyst Steven Milunovich writes in a research report he issued following the announcement of the layoffs last week. “No doubt HP’s execution will improve, but we think there are strategic issues to be addressed, as well.”

Those issues center on how HP will bring new products and services to market, analysts say. Nevertheless, analysts applauded the staff cuts and restructuring, saying the moves could help bring HP back to its engineering roots.

“The initiatives that Carly put in place to try to overpower the engineers with a sales culture that she layered on top of the engineering culture has now been reversed,” says Mark Stahlman, senior vice president of equity research at Caris & Company. “Now those extra people that Carly put in place are leaving.”

By trimming the fat, HP will be able to better innovate in an increasingly competitive market, Stahlman says.

“The new new HP is in a much better position to take advantage of its capacity to innovate and compete in a marketplace that is increasingly excited about new products,” he says. “We’re not in the slump anymore. The computer systems and consumer electronics and networking businesses that HP is in are growth businesses again.

“HP is a far more focused and lean organization to try to compete. They have a much better chance at success now than they did a year ago,” he says.

Better communication about its strategies, and about the reorganization in general, is important to keeping customers loyal as HP moves through its transformation, users say.

Dave Geiver, vice president of technology at Premier Bankcard, in Sioux Falls, S.D., says he was surprised that he never heard from his HP account executives regarding the restructuring.

“We have been watching the news of HP’s restructuring and layoffs with concern,” says Geiver, who worries about HP moving its focus away from mid- and large-scale customers. As part of the restructuring, HP dissolved its Customer Solutions Group, which handled sales to enterprise, small and midsize business, and public sector customers. Instead, sales functions are being merged into three business units: Technology Solutions Group, Imaging and Printing Group, and Personal Systems Group.

“I’m concerned about a slide to more of a mass production, low-cost manufacturing and distribution channel,” he says.

Good-bye  user  group 

Geiver says he also is concerned by the demise of Interex, the 31-year-old, 100,000-member HP user group that suddenly announced it was “financially necessary” to shut its doors. Interex also canceled its HP World conference scheduled for August, likely in part because of HP’s Technology Forum in September, which the company is co-sponsoring with the Encompass user group.

HP will pay registration fees to the forum, to be held in New Orleans, for users who already paid to attend HP World. Encompass and the OpenView Forum, also participating in the conference, are helping to direct its content, and Interex was invited by HP to do so, as well, HP says.

Geiver says he is considering attending the Technology Forum but is disappointed that his only option now is to attend an HP-sponsored event.

“This is a concern mainly because we look hard to find non-vendor-specific events to give us an industry-wide perspective,” he says.

Mike Peckar, co-chair of the New England chapter of the OpenView Forum and principal consultant at Fognet Consulting, says HP interaction with its user groups is essential to the company.

“That HP should look at these events as a financial burden is a product of short-term thinking that will result in the long run in the erosion of HP’s loyal customer base,” he says.

He adds that HP needs to define a consistent message for its customers in terms of its product strategy and be sure to maintain customer service in the interim.

“Any moves HP makes now to undermine customer satisfaction could prove disastrous in the long run,” Peckar says.

Industry analysts also note that HP needs to work very closely with its customers going forward because despite its strong technology offerings, the company doesn’t make clear to customers how to apply them.

“Today HP is a bundle of products and services and a vision wrapped up in multiple, complicated, technical architectures. This is too complex. [HP] lacks a methodology to help their customers see how to apply” its products and technologies, says Rich Ptak, principal analyst with Ptak, Noel & Associates.

While it’s true that HP has been struggling to digest the acquisition of Compaq, finalized in 2003, it still has all the components of being a market leader in the years ahead, analysts say.

“HP is one of those companies where if you can get it tweaked right and put a couple of good strategies in there — look out,” says Richard Evensen, an analyst at Technology Business Research. “It will come back, and it will come back strong.” ■


VoIP security threats: Fact or fiction?


VoIP’s foibles

VoIP networks are particularly sensitive to certain types of compromises, including:

• Eavesdropping - The potential increases with VoIP because of the many nodes on the network, unlike PSTN systems, where intruders must tap a line or penetrate a switch.

• Denial-of-service (DoS) attacks - VoIP networks are particularly vulnerable because of their sensitivity to packet loss or delay.

• Registration attacks - Because of SIP's requirement for devices to register a transient IP address with the user's permanent address, it allows for unauthorized registration that can lead to hijacking resources.

• Spam - VoIP represents a better option for spammers than PSTN systems, because a single message can be sent out to thousands of recipients simultaneously, and the phone call is free.

• Phishing - Phishers can spoof the caller ID information on VoIP phones to display the name of a legitimate institution.

SOURCE: BORDERWARE TECHNOLOGIES
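
The registration attack described in the sidebar, seen from the registrar's side, as an added example that is not part of the original article: the code audits REGISTER requests a registrar has already accepted (answered with 200 OK) and flags address-of-record bindings taken without credentials, pointed outside the voice network, or moved to a new host. The `10.20.0.0/16` voice range, the `example.com` domain, all function names and the sample messages are assumptions constructed for illustration.

```python
import ipaddress
import re

# Assumption: phones sit in a dedicated voice VLAN with this range.
VOICE_NET = ipaddress.ip_network("10.20.0.0/16")

# Compact SIP header names (RFC 3261) mapped to their long forms.
COMPACT = {"t": "to", "f": "from", "m": "contact", "i": "call-id"}
URI_RE = re.compile(r"sips?:(?:([^@>;\s]+)@)?([^:;>\s]+)", re.IGNORECASE)

NO_AUTH = "accepted without credentials"
OUTSIDE = "contact outside voice network"
WILDCARD = "wildcard contact removes all bindings"
MALFORMED = "missing or malformed To/Contact"


def parse_sip(raw):
    """Split one SIP request into (method, headers); header names lower-cased."""
    head = raw.replace("\r\n", "\n").split("\n\n", 1)[0]
    lines = head.strip().split("\n")
    method = lines[0].split(" ", 1)[0].upper()
    headers = {}
    for line in lines[1:]:
        name, sep, value = line.partition(":")
        if sep:
            name = name.strip().lower()
            headers[COMPACT.get(name, name)] = value.strip()
    return method, headers


def uri_parts(value):
    """Return (user, host) from the first sip:/sips: URI in a header value."""
    match = URI_RE.search(value)
    if not match:
        return None, None
    return (match.group(1) or "").lower(), match.group(2).lower()


def in_voice_net(host):
    """True only for a literal IP address inside the voice range."""
    try:
        return ipaddress.ip_address(host) in VOICE_NET
    except ValueError:  # hostname contact: cannot be placed in the range
        return False


def audit_registrations(accepted):
    """accepted: iterable of (source_ip, raw REGISTER) that the registrar
    answered with 200 OK. Returns a list of (aor, source_ip, reason)."""
    bindings = {}  # address-of-record -> contact host currently bound
    findings = []
    for src_ip, raw in accepted:
        method, headers = parse_sip(raw)
        if method != "REGISTER":
            continue
        user, domain = uri_parts(headers.get("to", ""))
        if not user:
            findings.append((None, src_ip, MALFORMED))
            continue
        aor = f"{user}@{domain}"
        if "authorization" not in headers:
            findings.append((aor, src_ip, NO_AUTH))
        contact = headers.get("contact", "")
        if not contact:  # binding query only, changes nothing
            continue
        if contact == "*":  # "Contact: *" with Expires 0 unregisters everything
            findings.append((aor, src_ip, WILDCARD))
            bindings.pop(aor, None)
            continue
        _, host = uri_parts(contact)
        if not host:
            findings.append((aor, src_ip, MALFORMED))
            continue
        if not in_voice_net(host):
            findings.append((aor, src_ip, OUTSIDE))
        previous = bindings.get(aor)
        if previous and previous != host:
            findings.append((aor, src_ip, f"binding moved from {previous} to {host}"))
        bindings[aor] = host
    return findings


def build_register(user, contact_ip, auth=True, compact=False):
    """Build a constructed REGISTER request (sample data, not a capture)."""
    to, contact = ("t", "m") if compact else ("To", "Contact")
    lines = ["REGISTER sip:example.com SIP/2.0",
             f"{to}: <sip:{user}@example.com>",
             f"{contact}: <sip:{user}@{contact_ip}:5060>",
             "Expires: 3600"]
    if auth:
        lines.append(f'Authorization: Digest username="{user}", realm="example.com"')
    return "\r\n".join(lines) + "\r\n\r\n"


# Constructed sample: two normal phone registrations, then alice's address
# re-registered from an outside host with no credentials.
SAMPLE = [("10.20.1.15", build_register("alice", "10.20.1.15")),
          ("10.20.1.16", build_register("bob", "10.20.1.16", compact=True)),
          ("203.0.113.7", build_register("alice", "203.0.113.7", auth=False))]

if __name__ == "__main__":
    for finding in audit_registrations(SAMPLE):
        print(finding)
```

IPv6 contacts in brackets and folded header lines are not handled; a production monitor would take the accepted requests from the registrar's own logs rather than from raw packets.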


BY  CARA  GARRETSON 

Imagine an intruder found his way into your VoIP network undetected and began listening to any conversation he chose, extracting sensitive information, company secrets or even details he could use to blackmail your CEO.

Last month, a company called Internet Security Systems (ISS) issued an alert to warn users that Cisco’s VoIP offering had a security flaw that would allow just that. According to the company, this implementation flaw in Cisco’s Call Manager, which handles call signaling and routing, could allow a buffer overflow that would grant an intruder access to the system to listen in on all calls routed through it.

This is one scenario described by ISS and other vendors focused on selling technology to plug the security holes in VoIP, a method for sending voice traffic over IP that many say was not designed with security in mind. ISS and its competitors, which come to this new field largely from the VoIP management and IP security markets, forecast big risks for companies that don’t take VoIP security seriously, and undoubtedly look forward to formidable revenue streams generated by those that do.

Growing  pains 

VoIP “is going to have growing pains when it comes to security,” says Neel Mehta, team lead with ISS’s X-Force research and development group. “It’s still an emerging threat, but one we take very seriously.”

This group of vendors, which includes BorderWare, Secure Logix and NFR, urges the use of such security appliances as firewalls that are specifically designed to filter VoIP traffic for suspicious patterns and drop those connections.

Yet it’s difficult to find a company that has suffered at the hands of VoIP abusers, be they spammers clogging voice mail boxes with unwanted messages, intruders listening to phone conversations or scammers masking their true identity. So far, the threats appear to be largely hypothetical (see graphic).

“I don’t think there’s a whole lot of real threats right now,” says Irwin Lazar, senior analyst with Burton Group. “VoIP is still pretty much a closed system; almost no company exposes their VoIP system to the Internet.” However, once that changes and companies start publicizing their SIP addresses used in VoIP communications on business cards and Web sites, security will become essential, he says.

For the moment, VoIP security does not appear to be at the forefront of IT managers’ minds.

Last year, VoIP management vendor Qovia announced it had filed a patent covering a technique for catching VoIP spam, considered to be one of the more immediate threats to these networks. Qovia planned to release this spam-catching module last year, but hasn’t yet done so, because of lack of market interest, says Pierce Reid, Qovia’s vice president of marketing.

Hot  topics 

However, Reid says interest in such products is beginning to pick up, adding that security issues are now hot topics at VoIP events. “Part of what we wanted to do a year ago was helping to raise awareness in time to protect ourselves before we’re hit” with VoIP threats, Reid says. The company plans to announce its anti-spam product’s availability later this year.

When the city of Jacksonville, N.C., installed Cisco’s VoIP equipment about three years ago, the organization focused on cutting costs, and security wasn’t a primary concern, says Bobby Parrish, senior IT specialist for the city. Nonetheless, his group took a few steps toward protecting its voice network such as separating it from the data network and providing some physical security for the phones.

While the city hasn’t suffered any security breaches to its VoIP network, Parrish believes his organization might have been lucky and that the luck won’t last forever. “I haven’t seen the horror side of it, but I’m not naive enough to think that it won’t happen,” he says. Jacksonville will evaluate Qovia’s anti-spam for VoIP offering when it’s released, he says.

There are a few good reasons for not dismissing the potential threats to VoIP out of hand, even before they become widespread realities. First, given how abuses such as viruses, spam and phishing have run rampant on other IP-based communications systems, particularly e-mail, it isn’t difficult to imagine similar threats finding their way to VoIP. Second, if these theoretical threats do make their way to the corporate world, they can wreak significant havoc.

Watch  your  step 

“I really don’t think people should be deploying VoIP unless they have the necessary security in place,” says Bob Gligorea, information security officer with Exchange Bank in Santa Rosa, Calif. The community bank is currently installing new network hardware, including ISS security gear, so it can transition to VoIP next year. “I haven’t heard about these abuses actually happening, but think about eavesdropping from a competitive advantage [standpoint], that could be pretty bad.”

So what should organizations do about these threats? Earlier this year the U.S. government offered some suggestions. The National Institute for Standards and Technology, a division of the Department of Commerce, in January issued a report evaluating the security of VoIP, pointing out that IT managers should not assume that because their data networks are protected, adding voice to their systems will be secure, as well. “Administrators may mistakenly assume that since digitized voice travels in packets, they can simply plug VoIP components into their already-secured networks and remain secure,” the report states. “However, the process is not that simple.”

The report recommends the now-popular refrain to separate voice and data traffic, the use of security products such as firewalls that can detect VoIP’s protocols, and avoiding “softphones” that implement VoIP by using a PC and headphones, leaving networks vulnerable to viruses and other malware.

In addition to installing specific products that can weed out suspicious VoIP traffic, companies should consider how their VoIP networks play in their overall security efforts, says Susan Larson, vice president of global threat analysis and research for SurfControl, a Web and e-mail filtering provider. With the growing popularity of applications such as Skype, a free peer-to-peer program that lets PC users make phone calls over the Internet — and therefore establish unprotected connections to the outside world — companies need to consider what their employees might be downloading. SurfControl’s products can block downloads from such sites, as well as trap incoming e-mails with embedded URLs pointing to these sites before they enter an organization, Larson says. ■


EMC  upping  storage 
capacity,  performance 

BY  DENI  CONNOR 

EMC this week is expected to unveil two high-end storage arrays that boast better performance and higher capacity for handling transaction-intensive and other applications.

The Symmetrix DMX3500 and DMX4500 have more than three times the storage capacity of current EMC arrays, plus more cache memory, industry sources say. The systems are designed to complement rather than replace EMC’s Symmetrix DMX800, 1000, 2000 and 3000 arrays.

EMC declined to comment.

Sources say the new boxes will have mirrored cache, a first for EMC storage arrays. Mirroring of cache memory provides for system redundancy and increased availability. Increasing the size of the cache memory is important because the system can store more information quickly. Arrays such as Hitachi Data Systems’ TagmaStores and IBM’s TotalStorage DS8000s have mirrored cache.

The new EMC arrays are modular — meaning they can scale incrementally by adding more disk drives, memory or I/O. EMC first introduced modular arrays with the DMX Series in February 2004.

“The whole industry is moving toward modularity whether it is in adding more disk drives, throughput or I/O capacity,” says Arun Taneja, an analyst at Taneja Group, who declined to comment on the specifics of the announcement.

The DMX3500 has an upper capacity of 4-32T bytes; the DMX4500 supports 576T bytes of data. EMC’s current DMX3000 supports 172T bytes.

Pricing information was unavailable at press time. ■
School break-ins

Since February, 25 of 60 personal information breaches recorded by Privacy Rights Clearinghouse were at colleges and universities.

Date breach was made public | School | Type of breach | Number of names exposed
March 1 | University of California at Berkeley | Stolen laptop | 98,400
March 11 | Boston College | Hacking | 120,000
March 20 | Northwestern | Hacking | 21,000
March 20 | University of Nevada, Las Vegas | Hacking | 5,000
March 22 | California State University, Chico | Hacking | 59,900
March 23 | University of California, San Francisco | Hacking | 7,000
April 11 | Tufts | Hacking | 106,000
April 21 | Carnegie Mellon | Hacking | 19,000
April 26 | Michigan State (Wharton Center) | Hacking | 40,000
April 28 | Georgia Southern | Hacking | “10s of thousands”
April 29 | Oklahoma State | Missing laptop | 37,000
May 5 | Purdue | Hacking | 11,360
May 11 | Stanford | Hacking | 9,900
May 18 | Jackson Community College | Hacking | 30,000
May 19 | Valdosta State | Hacking | 40,000
May 20 | Purdue | Hacking | 11,000
May 26 | Duke | Hacking | 5,500
May 27 | Cleveland State | Stolen laptop | 44,420
June 17 | Kent State | Stolen laptop | 1,400
June 18 | Hawaii | Dishonest insider | 150,000
June 22 | East Carolina | Hacking | 250
June 25 | Connecticut | Hacking | 72,000
July 14 | University of California, San Diego | Hacking | 3,300
July 7 | Michigan State | Hacking | 27,000
July 7 | Southern California | Programming error | 320,000

SOURCE: PRIVACY RIGHTS CLEARINGHOUSE, SAN DIEGO, CALIF.; SECURITYFOCUS.COM


Breach

continued from page 8

for about 20 students on the Web server. The IT group learned of it after a student called to complain, checked the computer and deleted the names. “But then we had to go and find all the Web-caching servers and delete the data from them, too,” Czerniak says.

“We’re identifying all our servers and their administrators, and telling them, ‘Here’s the data that should not be on your computer; and if it has to be there, here’s how to protect it,’” he says.

Technically, IT best practices on campus are coalescing around a multi-layer security model that aims at securing information, not just the network, says Stephen Fugale, CIO at Villanova University in Pennsylvania. The campus has a range of standard perimeter defenses, including Internet firewalls and network monitoring. Internally, services ranging from ERP and HR to the campus bookstore are treated as individual security domains, sometimes with separate firewalls. Usernames and passwords are backed up by specific system and application registration requirements in some cases.

‘No magical technology’

But Fugale says such a model is not technology driven and can’t be. “There is no magical technology for this kind of information security,” he says.

“University environments need to start recognizing [that] they have very critical and sensitive personal information,” says Al Decker, executive director of security and privacy at systems integration giant EDS in Plano, Texas. “The driver for [better] security used to come from within the organization. Now it’s shifting to come from outside: consumers, individuals. They’re going to start demanding that organizations start taking good care of their personal information.”

One of the most dramatic examples of how campus attitudes toward personal data security are changing is the April memo from University of California at Berkeley Chancellor Robert Birgeneau. Addressed to the entire university community, Birgeneau said he had been “stunned” to learn that a laptop stolen from the school’s graduate division held personal data on almost 100,000 current and former graduate students and applicants. “This incident revealed serious gaps in our management of this kind of data,” he wrote. “The campus has been instituting new policies to address these issues for several months, and we will do much more. Accountability for this effort ultimately lies with me.”

Information stewardship

That’s as it should be, says Rodney Petersen, policy analyst and security task force coordinator with EduCause, a non-profit that promotes technology use in higher education. Petersen says schools have been talking for several years about the concept of information stewardship — of putting the responsibility for information security with those who hold that information. “It’s a mistake to assume that security lies with the technology staff,” he says.

That encourages a mind-set that information security is a narrow technology problem instead of a more comprehensive issue involving people, policies and procedures, Petersen says.

Schools should begin with a risk assessment, which involves identifying information assets, such as personal data, and tracing the movement of these assets among various departments and groups.

At the same time, schools need to assess security policies, training and processes. “You may find that you’re distributing personal data more broadly than needed, or that some department has a practice of collecting student Social Security numbers, even when they’re not needed,” he says.

The assessment lets you identify vulnerabilities and the steps you can take to mitigate them. Some of those steps may involve buying hardware or software products, but they may also involve such changes as increased training about confidentiality and non-disclosure policies. Finally, you then can set priorities and allocate the time and money to achieve them.

But the spate of campus data breaches adds unprecedented urgency to these plans. “Institutions are going to have to follow through on their plans. Decisively,” UConn’s Kerntke says. ■


BY TIM GREENE

An industry standard to facilitate corporate VPNs that cross multiple carrier networks could be ready for a vote by year-end.

The MFA Forum, meeting in Ottawa, last week moved closer to an agreement about how carriers whose networks support MPLS can give business customers service-quality guarantees from network to network. “Different carriers are doing their own QoS models to support corporate [MPLS] VPNs, but they don’t necessarily match up with each other,” says Andy Malis, chairman and president of the forum and an employee of Tellabs.

The standard, formally called an implementation agreement, will likely be voted on by MFA membership later this year, he says. The MFA Forum is an industry group resulting from the merger of the MPLS & Frame Relay Alliance and the MPLS Forum last year (www.networkworld.com, DocFinder: 8151).

The agreement will also address keeping business traffic private as it crosses network boundaries. “The end customers need to feel secure that no other customer of the service provider is able to snoop in and see any of the packets they are transmitting through what really is a common network,” says Rick Wilder, MFA’s vice president of technology and an employee of Alcatel.

Within one carrier network it is simple to demonstrate that kind of privacy, but it is not so easy when multiple networks and multiple privacy schemes are involved, he says. “Customers want to have that same level of assurance when their packets are going between service providers,” he says.

This can be accomplished by defining what information service providers share, making sure it is secure as it passes between MPLS networks and making sure the parties sharing the information are who they say they are, Malis says.

For example, carriers must share some routing information to link their networks, and the standard will set limits on that so each carrier can maintain privacy, he says.

“There are policies that quantify exactly how much routing information you’re allowed to have go across the interface,” Wilder says. “Very often the details for the routing protocols within one network are felt to be proprietary information that you don’t want to leak out into a competitor’s network. You don’t want snooping on network-control packets.”

The draft of the standard calls for authenticating all control sessions that have to do with configuring services to prevent hackers from posing as trusted carrier partners trying to set up a VPN, for example, Malis says.

Currently there isn’t much interconnection among MPLS carriers, but a standard will make it simpler and more attractive for them to cooperate, Wilder says. “Carriers do compete with each other and so they don’t completely trust each other,” Wilder says. ■
Breach of trust

Visit  our  security  research  center  to  read 
up  on  some  of  the  individual  schools  that 
have  had  to  deal  with  security  breaches. 
Start-up seeks to keep net clients clean

BY JOHN COX

New software to control the peripheral and network interfaces of client devices on corporate networks is undergoing beta test.

The software, from Israeli start-up Safend, can block data being transferred to or from a range of peripherals such as zip drives, CD/DVD drives, portable printers, iPods and digital cameras. This kind of port monitoring and control software can be used to block the entrance of viruses and malware, and prevent corporate data from being copied or saved except where and when authorized.

“It’s an important issue for the enterprise to address because so much information theft leaves through these kinds of [peripheral] devices,” says Natalie Lambert, security analyst with Forrester Research. (See Network World’s recent Test Alliance evaluation of several endpoint protection products at www.networkworld.com, DocFinder: 8153.)

The new software is an extension of Safend’s current product, called USB Port Protector, which was released six months ago. The new product, Safend Protect, released to beta test last week, goes beyond USB ports. When released in September, the new product will control a much wider range of peripheral and network interfaces such as PCMCIA slots, wireless LAN adapters, FireWire, infrared and, in the future, wireless USB. And it will protect them on such handheld devices as PDAs and, especially, smart phones.

Safend Protector, like the original product, has three parts.

With Protector loaded on a PC, administrators work with graphical screens to set up usage policies for various classes of peripheral devices. Then they can create a variety of exceptions as needed. For example, Apple iPods may be allowed on the network, but blocked from accepting files. Laptops can be constrained to print only to a given printer, in the user’s office for example. Policies can be set up for individual users or client devices, or by groups.


Profile: Safend

Location: Tel Aviv, Israel; Philadelphia.
Founded: 2003
Primary business: Software that sets and enforces policies on the use of USB and other peripheral and network interfaces on client devices.
Management: Gil Sever, CEO; Zvi Gutterman, CTO.
Financing: $2 million, in November 2004 from Walden Israel Venture Capital; undeclared amount in March 2005 from Intel Capital.
Customers: Philadelphia Stock Exchange; Transkaryotic Therapies, a biopharmaceutical company.
Background: CEO Sever is an 18-year veteran of the Israeli Defense Forces, where he managed strategic planning and large-scale R&D in communications protocols, and protocol and software security.


Working with Protector, the administrator then packages these policies with the second component, the Safend agent, a 28K-bit program, and automatically downloads the package to each client device.

The agent resides between the operating system kernel and the various peripheral buses, and it can inspect every packet exchanged between the two, according to Safend executives.

The agent identifies the packet, consults the security policy, and either allows the data exchange to take place or blocks it. A message pops up to alert the user about why his iPod can’t download a patient X-ray, for example.

Also new in this expanded version are the abilities to log each policy violation, and alert administrators when violations occur.

A third component, Safend Auditor, is a companion program that runs on a server to monitor all the interfaces on all the network clients. Auditor interrogates the Registry of every PC attached to the corporate LAN. The software analyzes the Registry’s record of activity to identify what interfaces are being used, what peripherals are being attached to the PC, and which of those devices are currently active.

Administrators can see information arranged by user or computer name, by groups, and by what devices are currently active on those computers. Successive screens can drill down in some cases to the specific serial number of a peripheral device.

There are a number of rival companies addressing the problem of corporate data transfer to peripherals, including Centennial Software, McAfee, and Senforce Technologies.

Safend Protector, with Safend Auditor, will be available in September and cost $32 per seat, with volume discounts. ■


IP PBX maker to launch wireless phone

BY PHIL HOCHMUTH

Zultys Technologies this week is expected to announce a wireless IP phone aimed at users of the company’s SIP-based IP PBX and other gear based on the VoIP standard.

The WIP 2 handset is an 802.11b-based IP telephone that features push-to-talk, instant messaging and other applications that could appeal to mobile workers in a campus or warehouse environment with widespread wireless LAN coverage, Zultys says.

“Customers have been asking for a wireless phone for over a year,” says Zultys’ CEO Iain Milnes. He says he expects Zultys users from the construction, medical and retail warehousing industries to adopt the Wi-Fi phone.

The phone uses a miniature, real-time version of Linux and can run such applications as IM, where messages are typed with the number pad, similar to cell phone text messaging. The device also supports presence, where users can register their availability on the network via the phone. A push-to-talk feature allowing instant connections between WIP 2 users is included. (These applications require Zultys’ IP PBXs on the back end.)

[Photo caption: Zultys' Wi-Fi WIP 2 IP phone features push-to-talk and instant messaging capabilities.]

The phone has two line appearances, allowing it to handle two incoming calls at once, as well as support for three-way conferencing. A speakerphone also is built in. The phone comes with a cradle that can be used to recharge the device, which provides up to four hours for continuous talk and 12 hours for standby time on a charge.

The phone supports 802.1p for packet prioritization, allowing WIP 2 VoIP traffic to gain priority over other data packet types once the signal hits the wired LAN. (However, the phone does not support any type of “in-the-air” QoS, where 802.11 radio signals are prioritized, as with Spectralink’s proprietary IP phone and QoS gateway system.) The phone encrypts Real-time Transport Protocol (RTP) streams with 128-bit Advanced Encryption Standard security.

To secure the registration of WIP 2 phones, or to keep unauthorized WIP 2 phones off a network, users can set up a Zultys IP PBX to recognize only certain media access control (MAC) addresses on the devices. This access-list method can also be used for authenticating the phones against WLAN devices. The phone does not support 802.1x authentication.

The phone works with any of Zultys’ MX series of IP PBXs, such as the 50-phone MX50, 250-phone MX250 for mid-size offices, and the 1,200-user MX1200, which can scale to multi-thousand seats via clustering. All of Zultys’ IP PBXs are based on a hardened, real-time version of Linux and use SIP as the call setup and signaling protocol, and RTP for voice packet transport.

In addition to the Zultys systems, the WIP 2 phone will support basic calling features with any SIP-based call server such as the open source Asterisk IP PBX platform, or other pure SIP servers from such vendors as 3Com, Alcatel, Avaya, Mitel and Nortel.

Also offering Wi-Fi-enabled IP phones similar to Zultys’ WIP 2 are Alcatel, Avaya, Cisco, Mitel, Nortel, Spectralink and Symbol.

Pricing for the WIP 2 phone is not set, but users should expect to pay about $300 to $400 for the device, which is the cost for Zultys’ higher-end wired IP phones, according to Milnes. The WIP 2 phone is expected to be available in November.

The introduction of the WIP 2 follows a recent refresh of Zultys’ line of wired SIP-based IP phones; the company introduced five models in March, including those featuring power over Ethernet and large LCD displays. ■
IEEE working on mesh standard

BY JOHN COX

The IEEE group charged with creating a standard for wireless LAN mesh rounded up 15 proposals at last week’s 802.11 meeting in San Francisco. Members of the 802.11s task group hope to have a draft standard completed in 12 to 18 months.

Today’s wireless LAN mesh networks use proprietary algorithms and are typically deployed outdoors. With an IEEE mesh standard implemented by WLAN vendors, it’s possible that in the future every wireless LAN would also be able to configure itself as a mesh network, similar in concept to the Internet.

A wireless mesh uses a radio to interconnect access points and route wireless packets over the best available route. Mesh benefits include potentially higher performance and greater reliability.

Today’s 802.11 wireless LANs use a star topology: users link wirelessly to an access point, which then links via Ethernet cable to a LAN switch.

An array of companies — including BelAir Networks, Nortel, Tropos and Strix Systems — are already selling mesh access points for 802.11 wireless LANs.

Many, such as BelAir and Tropos, have focused on creating very large outdoor networks that can blanket a community with a WLAN for public safety applications or Internet access.

The Wi-Mesh Alliance (WMA) is a group of hardware, software and other vendors that is submitting a technology proposal to the 11s task group. A handful of complete proposals and 10 partial proposals were filed last week, according to WMA member Nortel. Other Alliance members include Accton Technology, InterDigital, NextHop and Thomson.

The key elements in the proposals concern the algorithms for auto-discovery and for routing, says Bilel Jamoussi, director of strategic protocols and standards at Nortel. There might be some hardware elements to support QoS in unicasting and multicasting, he says. Both of these transmission types let a mesh create a subset of access points, optimizing bandwidth and routing. “When you enlarge the network’s geography, and are streaming multimedia over it, multicasting lets you do that efficiently by sending [the stream] only to those access points that are interested in it,” Jamoussi says.

As with conventional wireless LANs, 802.11s mesh networks’ security will be based on the IEEE 802.11i standard. Jamoussi says a number of extensions to 11i will be needed for key management and data encryption requirements in a mesh.

One controversy that some vendors have been arguing about is how many radios are needed to create efficient wireless backhaul connections among the access points in a mesh. “The alliance proposal supports both single- and multiple-radio configurations,” Jamoussi says. ■


Vontu crawls in to stop data leaks

BY ELLEN MESSMER

Vontu, whose product line is designed to prevent leakage of sensitive data by monitoring corporate networks, says it’s now developing software that will look into corporate desktops and servers to find inappropriately stored data.

The software, called Discover, is scheduled to ship next quarter as part of the Vontu 5.0 suite. It will use “crawling” technology to go into targeted file servers and personal computers to look for confidential data that shouldn’t be there, says Steve Roop, vice president of marketing. Industry analysts say such searching capabilities are new to the nascent data-leakage prevention market, as IDC dubs it, but are already being used in corporate content-management systems.

Vontu’s direct data-monitoring competitors, including Tablus, PortAuthority Technologies and Reconnex, don’t have products that crawl into servers and desktops, but there are parallels to products from StoredIQ (formerly Deepfile) and BlackBall, says Scott Crawford, senior analyst with Enterprise Management Associates, in Boulder, Colo.

“There are products that crawl into computers for legitimate reasons to find data for purposes of policy control,” Crawford says. “This is where Vontu is starting to overlap into another area of enterprise management.”

There are corporations that design their own crawling applications, says Jim Hurley, vice president of research at Aberdeen Group.

Both analysts say that regulations, including the statewide California Database Security Breach Act, the Gramm-Leach-Bliley Act for financial services firms and HIPAA, are factors driving corporations to beef up efforts to prevent unauthorized disclosure of sensitive data. This year, several corporations, including Bank of America and Wachovia, disclosed massive data leaks, affecting tens of thousands of customers.

Vontu’s Discover software, designed to run on a Windows or Linux server, will locate confidential data at rest anywhere on corporate servers and laptops after being granted access, Roop says.

If Discover identifies unauthorized storage of sensitive data, it creates an incident report for review and action by administrative personnel. Discover will work with the same technology used in the company’s other products, Vontu Monitor for monitoring data transmissions and Vontu Protect for blocking outbound e-mail with unauthorized content.

Data-leakage prevention products, while effective in identifying confidential data, are sometimes criticized for generating false positives (see www.networkworld.com, DocFinder: 8138). In recognition of that, Vontu is working to improve the digital-hash technique it uses to create a “fingerprint” of sensitive data, such as Social Security numbers or account information, so that multiple hashes will be used to compare and identify content in each document, Roop says. “If someone re-arranges the document, it won’t matter,” he says.

Vontu Discover will start at $100,000. ■
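
An added illustration of the multiple-hash idea described above, not Vontu's code: hashing each normalized sentence separately (an assumed chunking rule) lets a reordered copy still match where a single whole-file hash would not, and a coverage threshold limits false positives. The key, sample documents, function names and threshold are all constructed for the example.

```python
import hashlib
import hmac
import re

# Constructed demo key. A keyed hash keeps a stolen index from being
# brute-forced back to low-entropy values such as account numbers.
INDEX_KEY = b"constructed-demo-key-not-a-real-secret"
MIN_WORDS = 4  # skip short chunks that would match unrelated files


def _keyed_hash(text):
    return hmac.new(INDEX_KEY, text.encode("utf-8"), hashlib.sha256).hexdigest()


def whole_file_hash(document):
    """Single fingerprint: any reordering or reformatting changes it."""
    return _keyed_hash(document)


def chunk_hashes(document):
    """One hash per normalized sentence or line, collected as a set."""
    hashes = set()
    for chunk in re.split(r"[.!?\n]+", document):
        # Normalize case, punctuation and spacing before hashing.
        words = re.findall(r"[a-z0-9]+", chunk.lower())
        if len(words) >= MIN_WORDS:
            hashes.add(_keyed_hash(" ".join(words)))
    return hashes


def build_index(protected):
    """Index chunk hashes of protected documents; plaintext is not stored."""
    index = {"chunks": {}, "sizes": {}}
    for name, text in protected.items():
        hashes = chunk_hashes(text)
        index["sizes"][name] = len(hashes)
        for h in hashes:
            index["chunks"].setdefault(h, set()).add(name)
    return index


def scan(candidate, index, threshold=0.5):
    """Return {protected_name: coverage} for documents whose chunks appear
    in the candidate at or above the threshold (fraction of chunks found)."""
    matched = {}
    for h in chunk_hashes(candidate):
        for name in index["chunks"].get(h, ()):
            matched[name] = matched.get(name, 0) + 1
    return {
        name: round(count / index["sizes"][name], 2)
        for name, count in matched.items()
        if count / index["sizes"][name] >= threshold
    }


# Constructed sample data: no real identifiers.
PROTECTED = {
    "payroll-q3": (
        "Employee Jane Roe has ID 000-00-0001 on file. "
        "Her salary is paid to account 1111 2222 3333. "
        "Direct deposit runs on the last Friday. "
        "Contact payroll before changing any bank details."
    )
}
REARRANGED = (
    "CONTACT PAYROLL before changing any bank details!\n"
    "Direct deposit runs on the   last Friday.\n"
    "Her salary is paid to account 1111-2222-3333.\n"
    "Employee Jane Roe has ID 000 00 0001 on file."
)
EXCERPT = (
    "Notes from the meeting follow. "
    "Her salary is paid to account 1111 2222 3333. "
    "Direct deposit runs on the last Friday. Lunch is at noon."
)
UNRELATED = (
    "The quarterly newsletter is attached. "
    "Direct deposit runs on the last Friday. "
    "Please read it before the staff meeting."
)
INDEX = build_index(PROTECTED)

if __name__ == "__main__":
    for label, doc in [("rearranged", REARRANGED), ("excerpt", EXCERPT),
                       ("unrelated", UNRELATED)]:
        print(label, scan(doc, INDEX))
```

The unrelated memo shares one common sentence with the protected file but stays below the threshold, which is the false-positive trade-off the article mentions.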


Microsoft to purchase online e-mail security provider

BY JOHN FONTANA

Microsoft last week announced its intent to acquire FrontBridge Technologies, a provider of online service for securing and archiving e-mail.

Microsoft plans to continue running the company and offering a service to provide corporate users with archiving features targeted at e-mail disaster recovery, as well as compliance, spam and virus protection.

Terms of the deal were not announced, but Microsoft said all 160 employees of FrontBridge, headquartered in Marina Del Rey, Calif., would stay on with Microsoft.

“It’s a good move for Microsoft,” says Matt Cain, an analyst with Gartner. “It highlights the increasing [corporate] demand for e-mail hygiene services and the growing demand for this delivery model.”

The deal comes almost five months after Microsoft acquired Sybari Software and its anti-virus and anti-spam products. Cain says Microsoft now has two of the three methods for delivering e-mail hygiene: hosted (FrontBridge) and premise (Sybari). Microsoft lacks an appliance.

Postini and Message Labs are the other two major providers offering e-mail security as a service over the Internet. ■
NET INFRASTRUCTURE

SECURITY ■ SWITCHING ■ ROUTING ■ VPNS ■ BANDWIDTH MANAGEMENT ■ VOIP ■ WIRELESS LANS


3Com  to  pay  for  threat  tips 


Short  Takes 


B  A  flaw  in  the  software  used  to 
remotely  access  computers  running 
Windows  could  leave  users  vulnera¬ 
ble  to  a  denial-of-service  attack, 

the  company  said  last  week.  The  vul¬ 
nerability  does  not  let  attackers  gain 
control  of  Windows  systems,  but  they 
could  use  it  to  repeatedly  cause 
affected  computers  to  crash.  This 
would  be  done  by  creating  specially 
crafted  messages  using  the  Remote 
Desktop  Protocol,  which  is  used  by 
Windows’ Terminal  Services  and 
Remote  Desktop  Sharing  features, 
Microsoft  says.  The  company  is 
advising  users  to  either  block  the 
port  that  uses  RDP  (Port  3389)  or  to 
disable  the  remote  access  features 
that  use  them.  Terminal  Services  is 
used  by  Windows  2000  and  Windows 
Server  2003.  Remote  Desktop 
Sharing  is  used  by  Windows  XP. 
Microsoft  will  issue  a  patch  for  the 
vulnerability,  but  has  not  yet  decided 
whether  it  will  be  part  of  the  compa¬ 
ny’s  next  group  of  security  patches, 
scheduled  for  Aug.  9,  a  Microsoft 
spokeswoman  says. 

■  Following  its  acquisition  of  Kelkea 
in  June,  Trend  Micro  last  week 
announced  an  anti-spam  offering 
based  on  the  acquired  company’s 
reputation  services. Trend  Micro 
Network  Anti-Spam  Services  blocks 
40%  to  80%  of  e-mails  sent  by  suspi¬ 
cious  IP  addresses  from  entering  an 
organization,  company  officials  say. 
The  services  are  based  on  the  Trend 
Micro  Threat  Prevention  Network, 
which  monitors  Internet  traffic  and 
flags  IP  addresses  that  show  behav¬ 
ior  indicating  spam  such  as  sending 
hundreds  of  thousands  of  messages 
at  once.  By  blocking  e-mail  from 
such  IP  addresses,  the  Anti-Spam 
Services  help  lighten  the  load  of 
anti-spam  filters  residing  on  an  orga¬ 
nization's  e-mail  gateway,  boosting 
performance.  The  services  include 
the  Trend  Micro  real-time  black  hole 
list  Service, which  checks  lists  of  sus¬ 
pect  IP  addresses,  at  $1.29  per  seat, 
and  the  Trend  Micro  Anti-Spam 
Service  that  tracks  zombie  PCs,  at 
$3.87  per  seat. 


BY  PHIL  HOCHMUTH 

3Com  this  week  is  expected  to  launch  a 
program  that  offers  cash  payments  to 
members  of  the  security  community  in 
return  for  information  on  potentially  dam¬ 
aging  Internet-based  security  threats. 

The  “Zero  Day  Initiative”  is  an  attempt  to 
bring  the  disclosure  of  security  vulnerabili¬ 
ties  to  the  forefront  quicker  by  giving  inde¬ 
pendent  security  researchers  incentive  for 
pointing  out  holes  in  software  and  hard¬ 
ware  products  that  could  lead  to  network 
attacks. 

Some  observers  call  the  program  a  posi¬ 
tive  step  toward  making  networks  safer, 
while  others  question  how  such  a  payoff 
system  would  work,  or  whether  third-party 
vendors  —  including  3Com  competitors  — 
would  react  negatively  to  a  system  in  which 
3Com  gives  money  to  individuals  for  infor¬ 
mation  about  product  vulnerability  before 
the  affected  vendors  know  about  them. 

3Com  says  the  program  will  help  stream¬ 
line  the  disorganized  system  by  which  vul¬ 
nerabilities  are  disclosed. 

“We’re  going  to  be  able  to  address  a  large 
amount  of  researchers  who  may  not  nec¬ 
essarily  be  contacting  vendors  on  their 
findings  regarding  security  vulnerabilities,” 
says  David  Endler,  director  of  security 
research  for  3Com’s  TippingPoint  division. 
(3Com  acquired  IDS/security  vendor 
TippingPoint  in  2004  for  $430  million.) 

In  the  Zero  Day  Initiative  system,  a 
researcher  who  discovers  a  vulnerability  will 


New  software  keeps 
data  in  local  memory 

BY  TIM  GREENE 

Swan  Labs  is  updating  its  WAN  accelera¬ 
tion  devices  to  help  customers  improve 
application  response  times. 

On  the  hardware  side,  the  company  is 
phasing  out  its  NetCelera  devices  in  favor 
of  a  new  line  called  WANJet,  packed  with 
extra  memory  capable  of  storing  large 
blocks  of  data  locally  so  they  don’t  have  to 
be  sent  in  their  entirety  across  the  WAN.  By 
not  waiting  for  data  to  make  the  trip,  end 
users  get  faster  file  downloads  and 


Security  worries 

A  survey  of  133  organizations  by 
Gartner  ranked  the  top  security 
concerns  on  a  scale  from  1  (No 
doncern  at  all)  to  10  (Extremely 
concerned). 


IT  Security  Threat 

Rating 

Viruses  and  worms 

7.6 

Outside  hacking  or  cracking 

7.1 

Identity  theft  and  phishing 

7.0 

Spyware 

6.8 

Denial  of  service 

6.6 

Spam 

6.3 

Wireless  and  mobile  device  viruses 

6.2 

Insider  threats 

6.2 

Zero-day  threats 

5.9 

Social  engineering 

5.9 

Cyberterrorism 

5.6 

log  the  finding  on  a  Web  portal.  3Com  secu¬ 
rity  will  then  analyze  the  vulnerability  and 
within  one  to  three  days,  either  dismiss  or 
verify  the  threat. 

If  a  threat  is  verified,  the  submitting  party 
is  notified  via  the  portal  and  given  a  mone¬ 
tary  reward  through  PayPal,  or  other  money 
transfer  system, such  as  Western  Union. 

With  the  acceptance  of  the  reward,  the 


response  times  from  applications,  the 
company  says. 

This  is  a  step  up  from  traditional  com¬ 
pression  also  used  on  the  devices  that 
looks  for  smaller  patterns. 

Swan  devices  sit  at  either  end  of  WAN 
connections  examining  packet  flows, 
compressing  traffic,  shaping  it  and  opti¬ 
mizing  TCP  to  improve  throughput.  Other 
vendors,  including  Expand,  NetScaler, 
Packeteer,  Peribit  and  Riverbed  Technol¬ 
ogy,  also  optimize  WANs  by  multiple  meth¬ 
ods,  with  each  vendor  using  a  different 
techniques. 

On  the  software  side,  Swan  is  adding  the 
ability  to  store  blocks  of  data  in  RAM  as 


submitter  agrees  to  keep  the  vulnerability 
private  while  3Com  sets  up  its  customers 
with  technology  that  blocks  the  vulnera¬ 
bility  and  notifies  affected  vendors.  Once 
vendors  release  patches  and  fixes,  3Com 
and  the  vendors  coordinate  public  disclo¬ 
sure  of  the  vulnerability,  with  the  original 
researcher  getting  full  credit  for  the  find. 

Endler  says  3Com  has  earmarked  “consid¬ 
erable  resources”  for  this  effort,  but  will  not 
say  how  much  money  it  will  pay  for  vulner¬ 
ability  findings,  or  how  much  it  has  pooled 
for  future  payouts. 

“Most  dangerous  attacks  are  now  attacks 
that  target  specific  companies  for  financial 
gain. There  is  financial  incentive  here,”  says 
John  Pescatore,  an  analyst  with  Gartner. 
“3Com  offering  a  few  thousand  dollars  for 
vulnerabilities  isn’t  really  going  to  provide 
more  financial  incentive  for  the  attackers. 
There  are  also  easy  opportunities  for  attack¬ 
ers  to  submit  the  vulnerabilities  to  3Com 
after  they  have  exploited  them.” 

“I  think  this  is  going  to  require  a  strong 
degree  of  cooperation  among  vendors,” 
says  Zeus  Kerravala,  an  analyst  with  The 
Yankee  Group.  He  says  3Com  will  be  under 
scrutiny  from  industry  peers  and  direct 
competitors  to  disclose  both  third-party  vul¬ 
nerabilities,  as  well  as  weaknesses  in 
3Com’s  own  products.  Overall,  the  system 
could  be  a  step  in  the  right  direction. 

“It’s  always  good  for  the  industry  to  have  a 
central  repository  for  vulnerability  warnings,” 
Kerravala  says.B 


they  are  sent  so  that  when  the  same  block 
is  required  in  later  transmissions,  it  doesn’t 
have  to  be  sent  across  the  wire.  Instead,  the 
sending  machine  sends  a  brief  cue  that 
indicates  what  previously  sent  block  to 
use.The  receiving  WANJet  pulls  that  block 
from  memory  and  sends  it  along  to  the 
local  machine  that  requested  it. 

Swan  calls  this  process  Transparent  Data 
Reduction  and  says  it  can  reduce  WAN 
traffic  95%  or  more,  depending  on  what  is 
being sent. To accommodate this, the company
has increased the memory in
WANJets,  for  example,  from  2G  bytes  in  its 
old  NetCelera  400  to  4G  bytes  in  the  new 

See  Swan,  page  24 


Swan  Labs  bolsters  WAN  traffic  shapers 
SonicWall screens viruses and spyware


BY  TIM  GREENE 

With  an  eye  toward  eliminating  the  need 
for  customers  to  confront  nefarious  pro¬ 
grams  on  each  corporate  desktop, 
SonicWall  this  week  is  broadening  the  pro¬ 
tection  offered  by  its  content-filtering 
appliance  with  the  addition  of  anti-virus 
and  anti-spyware  software. 

Content  Security  Manager  2100  CF  now 
supports  software  to  protect  against  these 
attacks,  as  well  as  a  service  to  provide  virus 
and  spyware  signature  updates.  Content 
Security  Manager  resides  on  the  edge  of  a 
network,  inspecting  packets  as  they  pass 
through  the  device  and  dropping  connec¬ 
tions  that  fail  to  meet  security  policies. 

The  device  is  attractive  to  some  cus¬ 
tomers  because  of  its  price,  which  is  less 
than  $5,000  for  250  users  vs.  more  than 
$7,500  for  WebSense  and  SurfControl  gear 
that  performs  the  same  functions.  For 
example,  price  influenced  PM  Systems,  in 
Columbia,  S.C.,  network  consultants  to 
credit  unions,  which  sells  the  devices  to  its 
customers,  says  Chris  Kroll,  a  security  ana¬ 
lyst  for  PM  Systems. 


PM  Systems  was  looking  for  an  inexpen¬ 
sive  Web  filter  for  its  customers  and  also 
considered  alternatives  such  as  Secure 
Computing’s  SmartFilter,  ISS  OrangeBox, 
Blue Coat WebFilter, and Trend Micro’s
InterScan eManager, he says. But the
Content  Security  Manager  had  its  own  pol¬ 
icy  database  that  didn’t  rely  on  outside 
gear,  such  as  SQL  databases  or  RADIUS 
servers,  Kroll  says,  an  expense  credit 
unions  wanted  to  avoid,  because  they 
aren’t  large  enough  to  warrant  the  cost. 

Another customer, First Federal Bank in
Charleston, S.C., was satisfied using the
device for content filtering, and plans to
turn on the virus and spyware filtering,
says Eric Enghauser, network analyst for
the bank. “We evaluated it for the Web filter,
but the anti-virus came along with it,” he
says. First Federal already had client-based
virus and spyware protection, but, he says,
“this gives us an extra layer of protection.”

One  potential  problem  is  that  if  the  hard¬ 
ware  suffers  a  catastrophic  failure,  the 
device  blocks  all  traffic  on  the  line, 
SonicWall says. Customers can get around
the problem by deploying them in pairs,
with  one  configured  to  take  over  if  the 
other  fails.  Kroll  says  some  of  his  cus¬ 
tomers  use  the  Internet  only  for  research¬ 
ing  business-related  topics,  but  not  as  a 
WAN  carrying  critical  applications,  so  if 
the  box  failed,  it  would  not  have  a  major 
impact  on  business.  Users  could  wait  until 
a  single  box  was  removed  from  the  data 
path  and  repaired,  he  says. 

A  future  version  will  have  it  pass  traffic 
through  when  it  fails,  SonicWall  says. 

The  device  supports  as  many  as  2,500 
users  and  contains  a  dynamic  real  time 
rating  (DRTR)  engine  that  decides  based 
on  content  whether  a  site  should  be 
blocked  if  it  is  not  listed  in  SonicWall’s 
database  of  56  Web  site  categories.  Sites 
that  DRTR  deems  inappropriate  are 
checked  by  a  human  within  24  hours  to 
verify  the  ratings,  SonicWall  says. 

Base  price  for  Content  Security  Manager 
2100  CF  is  $2,375  for  the  hardware,  a  year’s 
subscription  to  signature  updates  and  a 
license  for  25  users.  The  same  package  for 
2,500  users  is  $7,500  per  year.  ■ 


SonicWall’s  Content  Security  Manager  2100  CF  helps  users  deal  with  viruses,  spyware 
and  inappropriate  Web  sites. 


Computer  attacks  down, 
security  survey  says 


BY  ROBERT  MCMILLAN, 

IDG  NEWS  SERVICE 

While  the  cost  of  fending  off 
hackers  appears  to  be  dropping 
for U.S. companies, attacks that
involve unauthorized access to
information are becoming much
more costly, according to a survey
recently  published  by  the 
Computer  Security  Institute  and 
the  FBI. 

The  survey,  which  included 
about  700  respondents  from  the 
government  and  a  variety  of 
industries,  found  that  average 
losses  related  to  computer 
attacks  dropped  by  61%  in  2004. 
On  average,  companies  say  com¬ 
puter  and  network  attacks  cost 
them  $204,000  last  year,  down 
from  an  average  of  $526,000 
in  2003.  The  report  did  not 
explain  how  specific  factors, 
such  as  loss  of  employee  pro¬ 
ductivity  or  security  consultant 
fees,  contributed  to  these  costs. 

This marks the fourth consecutive
year that this number
has declined, says Robert
Richardson, report co-author
and editorial director of CSI, an
association of computer and
network security professionals
in San Francisco.

Networks fight back

On average, companies
reported that computer and
network attacks cost them
$204,000 last year, down from
an average of $526,000 in
2003.

SOURCE: CSI/FBI Computer Crime
and Security Survey

Part  of  the  reason  for  the  drop 
is  that  companies  have  become 
better  at  protecting  themselves, 
Richardson says. “For your run-of-the-mill
virus, your average organization
has that under control,”
he  says.  “There’s  a  very  fast  reac¬ 
tion  on  the  part  of  anti-virus  ven¬ 
dors,  and  there  are  automated 
pathways  to  update  the  virus 
data  on  enterprise  networks.” 

However, the cost of information
theft jumped considerably
in  2004.  “To  some  degree,  the 
heat  of  hacker  activity  has 
moved  to  identity  theft,” 
Richardson  says. 

The  survey  found  that  the 
average  net  loss  attributable 
to  unauthorized  information 
access  increased  from  more  than 
$51,000  in  2003  to  more  than 
$300,000  last  year.  Attacks  that 
resulted in the theft of proprietary
information cost companies
more than $355,000 on average
in 2004, up from $169,000 the
previous year.

CSI’s  survey  was  done  in  con¬ 
junction  with  the  San  Francisco 
division  of  the  FBI’s  Computer 
Intrusion  Squad. 

Given  the  demographics  of  the 
survey’s  participants,  it’s  not  sur¬ 
prising  that  they’re  suffering  less 
damage  from  attacks.  “We  ask 
people who care about security,”
Richardson  says.  “They  care 
enough  [about  security]  to  be 
members  of  a  professional  orga¬ 
nization,  so  my  hunch  is  they’re 
trying  to  get  better  at  security.”  ■ 


Swan 

continued  from  page  23 
WANJet  SL  400. 

The  software  also  uses  SSL  to 
encrypt  traffic  sent  across  the 
WAN.  While  compressed  data  is 
difficult  to  intercept  and  then 
decompress,  it  is  not  considered 
encrypted,  the  company  says. “It 
would  not  be  impossible  to 
reverse  engineer  what  we’ve 
done  [with  compression]  and 
capture  data,”  says  Tom  Tansy, 
Swan’s  vice  president  of  market¬ 
ing. 

The  SSL  encryption  is  impor¬ 
tant  to  CitiStreet,  an  employee 
benefits  provider  in  Quincy, 
Mass.,  which  replicates  data 
nightly over T-3 circuits to a data
center  in  Florida,  says  Barry 
Strasnick,  the  company’s  CIO. 
“Because  we  are  sensitive  about 
the  security  of  our  clients’  data, 
and  even  though  these  are  dedi¬ 
cated  lines,  we  insist  on  full 
encryption  of  transmissions 
such  as  these.” 

Line  improvement 

The  Swan  boxes  enable  more 
efficient  use  of  the  T-3s  for  faster 
replication  times  and  full 
encryption  of  the  data,  he  says. 
“The Swan software/hardware
provides us the capability to
offload both the encryption and
compression from our large HP-UX
computers,” he says. “We have
had better transmission throughput
and reduced host CPU
cycles, and we were able to do it
while still enabling full encryption.”

Also new is a real-time reporting
capability that gives customers a
view of how well applications
are performing and lets them adjust the
devices based on actual network
conditions.

Swan  also  is  adding  an  API  to 
encourage  application  develop¬ 
ers  to  write  protocol-proxy  soft¬ 
ware  that  will  optimize  specific 
applications  for  transmission 
across  IP  networks.  While  Tansy 
says  the  company  is  negotiating 
with  application  vendors  for  use 
of  the  API,  he  would  not  say 
which  ones. 

This  is  part  of  Swan’s  Session 
Matrix  Architecture,  which  tunes 
WANJets’  treatment  of  individual 
applications so they aren’t crippled
by unacceptably high packet
loss and delay, Tansy says.

WANJets  come  in  two  models, 
SL  200  and  SL  400,  and  scale 
from  support  for  64K  bit/sec 
connections  up  to  622M  bit/sec. 
They  range  in  price  from  $1,500 
to  $98,000.  SL  400  includes  bays 
for  RAID  devices,  and  SL  200  has 
a  slot  for  a  hard  disk  to  store 
more data locally. ■
ENTERPRISE COMPUTING

VMware  virtually  primed  for  dual  core 


Doubling  up 

A look at how ISVs are pricing their software for dual-core systems:

Vendor: Pricing

BEA: 25% premium for software running on dual-core processors.

IBM: Per CPU on x86 dual-core systems, though it charges per core for software running on its Power5 dual-core machines.

Microsoft: Per CPU.

Oracle: Per core, though it will figure licensing costs by multiplying the number of cores by 0.75.

SWsoft: Per CPU.

VMware: Charges per CPU, regardless of the number of cores.

BY  JENNIFER  MEARS 

VMware  is  preparing  its  server  virtualiza¬ 
tion  software  to  support  dual-core  systems 
and  says  it  plans  to  charge  for  the  technol¬ 
ogy  per  CPU,  rather  than  per  core. 

“Customers  will  be  able  to  utilize  in¬ 
creased  processing  power  available  on 
these  systems  at  the  same  cost  [as  they  pay 
for  single-core  servers],  so  they’ll  be  getting 
more  bang  for  the  buck,”  says  Raghu 
Raghuram,  senior  director  of  strategy  and 
market  development  at  VMware. 

Raghuram  says  VMware  GSX  Server  3.2, 
expected  to  be  released  in  the  next  few 
weeks,  will  be  the  first  VMware  product  to 
support  dual-core  systems.  Support  for 
dual-core  servers  in  VMware  ESX  Server 
and  its  management  product, VirtualCenter, 
will  follow  shortly  after,  Raghuram  says. 
VMware  Workstation  already  supports  dual¬ 
core  processors  on  the  desktop. 


Short  Takes 


■  Intel  last  week  took  the  wraps  off 
two  Itanium  2  processors,  aimed  at 
tiding  the  company  over  until  the 
expected  launch  of  its  first  dual-core 
Itanium  processor  later  this  year.  The 
company  added  the  1.66-GHz  proces¬ 
sors,  one  with  6M  bytes  and  the  other 
with  9M  bytes  of  Level  3  cache.  The 
processors  have  a  667-MHz  front-side 
bus,  which  can  improve  high-end 
server  performance  by  providing  a 
faster  link  between  the  CPU  and  the 
system's  main  memory. 

■ Rackspace Managed Hosting
has unveiled Red Label, a bundle of
Linux  software  and  services  running 
on  Dell  servers.  The  move  came  in 
response  to  demand  from  high-end 
users  looking  for  a  vendor  to  manage 
their  Linux  deployments,  according  to 
Rackspace.  Red  Label  services 
include  application  infrastructure 
support  for  software,  such  as  data¬ 
bases  from  Oracle  and  MySQL  and 
the  JBoss  and  Apache  Web  servers. 
Rackspace  plans  to  assign  a  lead 
engineer  to  each  Red  Label  customer. 


Dual-core  servers  have  two  processing 
cores  on  each  CPU.  The  architecture  is 
being  adopted  by  chip  makers  as  a  way  to 
increase  performance  while  keeping  a 
handle  on  power  and  heat. 

IBM  has  had  a  dual-core  Reduced  In¬ 
struction  Set  Computing  (RISC)  chip  since 
2001,  and  Sun  and  HP  unveiled  their  dual¬ 
core  RISC  processors  early  last  year.  AMD 
introduced  the  dual-core  Opteron  in  April. 
Intel  is  expected  to  release  its  dual-core 
Itanium  chip  by  year-end  and  a  dual-core 
Xeon shortly thereafter. It introduced a
dual-core Pentium processor earlier this year.

While  dual-core  systems  become  the 
standard  for  systems  vendors  —  Gartner 
predicts  that  chip  makers  will  stop  manu¬ 
facturing  single-core  processors  as  early  as 
next  year  —  how  quickly  they  are  adopted 
by  business  users  largely  depends  on  how 
independent  software  vendors  charge  for 
their  software  on  the  dual-core  platforms. 

In deciding to charge per CPU, rather than
per core, VMware joins such vendors as IBM
and Microsoft, which also have announced
that they will charge per CPU on dual-core
x86 systems. Oracle, which had been charging
per core, recently altered its licensing policy
(www.networkworld.com, DocFinder: 8137).
Instead of considering each core a single
processor, it will consider each core
0.75 of a processor for software licensing.

“Dual-core processing is very clearly the
future. It’s going to be as common as the
move toward 64-bit x86,” says Charles King,
principal analyst at Pund-IT research. “Right
now, [dual core] is more of an early adopter
thing, but the uptake on 64-bit and how
quickly the market has taken to that has
alerted companies like VMware to the
opportunities here. They are positioning
themselves for significant market changes
that are just around the corner.” ■


Network access question

When it comes to access, authentication
and logon — are you still using simple
passwords? You know, minimum six characters
(or even four), case insensitive, no
requirement for mixed alphanumerics or
special characters.

As security expert Bruce Schneier said
in this magazine in the spring
(www.networkworld.com, DocFinder: 8133):
“Passwords just don’t work anymore. As
computers have gotten faster, password
guessing has gotten easier. Ever-more-complicated
passwords are required to evade
password-guessing software. At the same time,
there’s an upper limit to how complex a
password users can be expected to
remember.”

I’m bringing this up because Sun recently
announced it would be donating its
enterprise single sign-on (ESSO) technology
to the open source movement
(DocFinder: 8134).

The OpenSSO project, if it follows the
trend of other major open source projects,
should lead to very workable, easily
implemented and very inexpensive ESSO. That
means if you don’t already have an ESSO
project implemented or in planning, you’ll
soon be facing enormous pressure to do
so.

ESSO is a tempting technology. We want
to make passwords stronger by requiring
longer strings of mixed-case letters and
numerics with a special character or two
thrown in.

But users who can’t remember multiple
simple passwords have no hope of
remembering multiple complex passwords.
Either they’ll write them on notes
that they tape to their monitor — or,
here’s a sneaky trick: on the underside
of the desk blotter. (I wonder where their
spare front door key is!)

A good ESSO package allows you to
have a single password in order to
access the resources and services on a
network. Of course, if there’s only one
password needed to access all of a
user’s privileges, then it should be
particularly strong. But strings such as
Asdf2%Wssd43!!AZgf will not be remembered
by users. So it’s time to think
about strong authentication based on
one-time passwords, smart cards/proximity
cards or even biometrics.

There have been major advances in
these areas over the past few years, so
recheck if you dismissed them as either
too pricey or unworkable some time
ago.

If you’re into open source, then check
first with the Initiative for Open Authentication
(OATH) at DocFinder: 8135. There
is lots of information, pointers, protocols
and specifications to get you started on
the road to the strong authentication
that will be necessary for your ESSO
environment.

Kearns, a former network administrator,
is a freelance writer and consultant in
Silicon Valley. He can be reached at
wired@quill.com.


IBM exec extols future of SOA


IBM invests about $1 billion per
year in its strategic service-oriented
architecture technologies. The
company has been busy this year,
focusing  on  technologies  that 
could  become  part  of  customer 
SOA  rollouts.  For  example,  Big  Blue 
recently  unveiled  a  version  of  its 
WebSphere  software  with  updated  SOA  capabilities 
and  offered  free  access  to  online  training  to  help  cus¬ 
tomers  build  SOA.  And  this  month  IBM  partnered  with 
Microsoft  to  turn  over  to  a  standards  body  a  key  set  of 
Web  services  security  specifications  that  could  enable 
the  trusted  exchange  of  data  between  partners. 
Michael  Liebow,  vice  president  of  Web  Services  and 
SOA  at  IBM  Global  Services,  took  the  time  to  speak 
with  Network  World  Senior  Editor  Denise  Dubie  about 
why  IBM  deems  SOA  so  critical  to  the  company’s  and 
its customers’ computing future.


What is IBM's take on SOA?

I’m always afraid to answer that question because if I say
it’s really big, then people tend to say it can’t be that big. But
it is that big. The issue you get into with SOA is the design
point of how you change the solutions to adapt to this new
computing platform. It’s changed dramatically, but it hasn’t
changed overnight. A lot of people may be hearing about
SOA for the first time, but it’s something that has been brewing
for quite a while. It’s safe to say for the last 10 to 15 years
there has been a vision of this future that has been hard to
do, hard to realize. It’s not something that has just been
cooked up by somebody in some back room. There has
been an effort that has been going on to horizontally integrate
companies to provide for varying amounts of re-use,
more flexible IT architectures to support business requirements.

What  types  of  investments  help  further  SOA  efforts? 

IBM, as a company, has significantly invested just over the
past five or six years with investments with Web services standards.
We’ve been able to take a lot of ground in achieving
this vision. Now why did I jump from SOA to Web services? A
lot of people say they don’t acquaint the two. The difference
here is that SOA is a notion around services orientation in
your enterprise architecture and the definition of which is
the abstraction of business process away from the underlying
IT and application infrastructure.

What  standards  efforts  has  IBM  made? 

The  industry  and  IBM  have  been  committed  to  this,  and 
IBM  has  been  investing  a  lot  to  create  this  next  wave  of  stan¬ 
dardization,  which  didn’t  exist.  IBM  sat  down  with  Microsoft 
and  others  to  articulate  a  set  of  standards  and  specifications 
for  how  applications  could  talk  to  one  another.  Now  we  have 
a set of basic standards that allow for the discovery, description,
communication, cataloging and securing of messages
that allow applications to talk to one another. That’s the big

See  IBM,  page  28 


Offshoring  up,  savings  questionable 


Short  Takes 


■  IBM  said  last  week  it  would  buy 
electronic  forms  vendor  PureEdge 
and  combine  its  e-forms  technology 
into  its  Workplace  and  Lotus  collab¬ 
oration  products.  Terms  of  the 
acquisition  were  not  disclosed. 
PureEdge  offers  software  that  lets 
companies  customize  business 
applications.  PureEdge  e-forms  use 
XML,  which  allows  for  easy  sharing 
of  documents  and  transactions 
between  applications.  PureEdge  has 
been  an  IBM  partner  since  2002, 
and  much  of  its  technology  comple¬ 
ments  IBM’s  portal  and  content 
management  technology. 

■  Layton  Technology  last  week 
upgraded its desktop auditing software
with features to make it possible
for customers to scan assets on
the fly. AuditWizard 6.3 supports
real-time  audits  of  IT  assets,  rather 
than  network  managers  having  to 
depend  upon  scheduled  PC  data 
updates.  The  software  distributes  a 
small  application  to  each  desktop 
that  collects  hardware,  software 
and  Internet  usage  data  from  the 
machine.  AuditWizard  has  a  central 
database  to  which  each  managed 
machine  sends  updated  information. 
This  latest  release  will  let  network 
managers  get  updated  information 
when  they  need  it.  A  module  notifies 
PC  administrators  of  software  and 
hardware  changes,  as  well  as 
Internet  activity  on  all  or  selected 
PCs.  Layton  Technology  competes 
with  Altiris,  LANDesk  and  Microsoft. 
AuditWizard  6.3  starts  at  about  $300 
for  50  PCs,  which  includes  60  days  of 
e-mail  and  phone  support,  and  any 
updates  that  are  released. 

■  Yahoo  will  open  a  new  research 
facility  in  August  in  conjunction  with 
the  University  of  California,  Berkeley, 
focused  on  areas  such  as  search 
technology,  shared  media  content, 
camera  phones  and  metadata.  The 
facility,  called  Yahoo  Research 
Labs  Berkeley,  will  build  on 
research  already  under  way  at  the 
university's  Garage  Cinema  Research 
group. 


BY  JENNIFER  MEARS 

Companies  in  growing  numbers  are  turn¬ 
ing  to  offshore  service  providers  as  a  way  to 
cut  costs,  but  a  survey  of  more  than  5,000 
executives  worldwide  shows  that  savings 
aren’t  as  high  as  typically  expected. 

“Most  people  across  the  board  think 
they’re  going  to  cut  a  third  or  half  of  their 
costs,”  says  Phillip  Hatch,  president  of  off¬ 
shoring  consulting  and  market  research 
firm Ventoro. “That simply isn’t realistic.”

Hatch  wrote  Ventoro’s  Offshore  2005 
Research  report,  released  earlier  this 
month,  which  found  that  cost  savings  for 
companies that send work overseas
average a little more than 9%.


“If  you  exclude  those  that  had  catastroph¬ 
ic  failures  and  just  look  at  projects  that 
were  deemed  to  be  a  success,  you  still  see 
only  about  19%  average  cost  savings,” 
Hatch  says. 

At the same time, more than 50% of the
offshore engagements Hatch reviewed
produced no savings or saw costs increase. A key reason
for  offshore  failures,  according  to  the 
report,  lies  with  the  client. 

“The  ultimate  success  or  failure  of  any 
offshore  strategy  hinges  on  the  perform¬ 
ance  of  the  implementing  executive,” 
Hatch  says. 

To be successful with an offshore strategy,
a client first must identify a specific business
problem, consider all possible
options, and decide whether sending work
offshore is the appropriate answer.

Making  such  a  decision  isn’t  always  as 
easy  as  it  might  seem,  Hatch  says.  For  exam¬ 
ple,  Hatch’s  survey  showed  that  offshore 
savings  don’t  come  strictly  from  lower 
labor  rates  found  in  offshore  locales. 

“If  that  is  your  single  purpose:  to  achieve 
your  cost  savings  through  low-cost  hourly 
resources, you’re likely to lose your shirt,”
he says.

Corporate  customers  need  to  look  for 
offshore  providers  that  have  high-caliber 
systems  in  place  that  will  push  clients  to 

See  Offshoring,  page  28 
Conclusions based on isolated data


NET  INSIDER 

Scott  Bradner 


Performance  measurement 
company  Keynote  Systems  earli¬ 
er  this  month  issued  a  study  of 
Internet  phone  service  quality 
and  concluded  that  there  is  a 
“need for considerable improvement.”
I do not know just what
led  the  company  to  that  conclu¬ 
sion,  but  I  do  caution  anyone 
reading  reports  of  this  study  not 
to  conclude  that  VoIP  has  no 
future. 

I  have  no  way  of  judging  the 
quality  of  the  survey,  since  all 
that Keynote has made available
is a press release (www.networkworld.com,
DocFinder: 8129).
The  company  doesn’t  say  in  the 
release  how  much  it  charges  for 
the  whole  study,  but  I’m  sure  it’s 
more  than  I  will  get  for  writing 
this  column,  so  I’ll  get  by  on  the 
release. 

According  to  the  press  release, 
the  study  seems  to  explore  a  rea¬ 
sonable  number  of  the  relevant 
variables,  including  multiple  VoIP 
and  connectivity  providers,  call 
location and time of day. Keynote
used 10 factors to evaluate
the  “end-user  experience.”  The 
company  then  reduced  these 
factors  into  two  magic  numbers 
representing  reliability  and 
audio  quality.  That  seems  to  me 
to  be  rather  over-reduced  —  for 
example,  lumping  the  quality  at  2 
a.m.  (when  no  one  is  using  the 
local  link)  with  that  at  midday 
(when the local loop is congested)
does not produce the information
I’d want to get.

I use VoIP and a lot of people I
know  do,  as  well.  Maybe  it’s  just 
the  environments  that  we  work 
and  live  in,  but  it  is  not  my  expe¬ 
rience  that  VoIP  has  a  “need  for 
considerable  improvement  in 
service.”  In  fact,  almost  all  the 
time  the  quality  of  the  VoIP  call  is 
perceivably  better  than  my  office 
ISDN  phone.  I  have  made  calls 
where  the  quality  sucks  (to  use  a 
technical  term),  but  that  hap¬ 
pens  a  few  times  a  year  —  far 
less  frequently  than  the  poor- 
quality  public  switched  tele¬ 
phone  network  connections  I 
keep  getting  to  and  from  all  sorts 
of  locations. 

But let’s assume that Keynote is
correct in its claim that VoIP too
often does not “live up to the
dial-tone reliability and crystal-clear
communication quality” we
have come to expect with plain
old telephone service, at least in
the environments where the
company ran its tests. Can we
garner anything about the potential
of VoIP from that conclusion?

This  information,  in  isolation,  is 
not  all  that  meaningful  in  the 
real  world.  Other  factors  over¬ 
whelm  these  perceptions  of  poor 
“end-user  experience.”  One  only 
has  to  imagine  what  the  report 
would  have  been  if  some  earlier 
year  Keynote  had  run  exactly  the 
same  tests  on  1990-era  cell 
phones, which were unambiguously
and almost universally
crappy. Any reader looking only
at  the  results  of  the  testing  would 
have  concluded  that  cell  phones 
had  no  future  at  all. 

But anyone coming to that conclusion
would have to ignore
three important factors. The most
important is portability — the
phone goes where you go
instead of you having to go to the
phone. A second factor is that
technology keeps getting better,
and the third is that the per-call
cost of cell phones would plummet
because of competition to a
point where it’s far cheaper than
land-line phone calls.

Any  conclusion  that  VoIP  has  a 
poor  future  based  on  the 
Keynote  study  would  be  to 
ignore  the  last  two  of  these  fac¬ 
tors.  Ignoring  important  factors  is 
not  a  good  way  to  come  to  use¬ 
ful  conclusions. 

Disclaimer: Harvard has
enough of a past to know that
predicting  the  future  is  hard  but 
has  not  expressed  a  formal  opin¬ 
ion  on  VoIP  futures. 

Bradner  is  a  consultant  with 
Harvard  University’s  University 
Information  Systems.  He  can  be 
reached  at  sob@sobco.com. 


Offshoring 
optimize their own internal processes, he
says.  In  fact,  46%  of  offshore  savings  result 
from  improved  internal  processes,  and  45% 
come  from  vendor  execution,  according  to 
the  companies  Hatch  surveyed. 

Farrell  Delman,  president  of  the  Tobacco 
Merchants  Association,  in  Princeton,  N.J., 
says  it  is  up  to  the  client  to  find  an  off¬ 
shore  provider  that  understands  the 
client’s  business. 

“You  can  find  groups  offshore  that  have 
business  people  that  spend  an  awful  lot  of 
time  understanding  your  business  and  then 
jump  into  your  code,” says  Delman,  who  has 
been  using  offshore  provider  Cordiant 
since  2002. 

“A  lot  of  these  offshore  companies  are  dri¬ 
ven  by  price,”  he  says.  “You  stand  to  lose  a 
lot  when  you’re  just  driven  by  price.” 

If  companies  manage  their  offshore  pro¬ 
jects  well,  they  could  see  savings  of  as 
much  as  30%,  Hatch  says.  Those  kinds  of 
savings  remain  elusive  for  most  companies. 
Of  the  companies  Hatch  surveyed,  45% 
deemed  their  offshore  strategy  a  success; 
36%  called  it  a  failure. 

Further,  one  in  three  executives  said  they 
had  to  move  work  from  their  offshore  team 
back onshore “due to performance problems
with their offshore strategy.” At the
same time, 73% said they would continue
with a long-term offshore strategy.

An outsourcing index published by advisory
firm TPI showed that the number of
companies that would include an offshore
strategy is growing.

“In 2004, 40% of the companies we
worked with had an offshore component,”
says Jack Benton, vice president of marketing
at TPI. “This year so far it’s 45%.”

The total contract value for offshoring
deals has shrunk from 38% last year to 28%
this year, showing that less money is going
overseas. “But it also shows that there are a
lot of new entrants into the offshore marketplace
that are dipping their toes in,”
Benton says. ■


Trouble offshore

A recent survey of more than 5,000
companies in the U.S. and abroad
by outsourcing research firm
Ventoro found that the cause of
offshore failures often lies close
to home:

[Chart: Reasons cited for offshore outsourcing failure. Categories:
miscommunication and culture; other; client preparation and execution;
wrong answer; vendor team performance; joint client-vendor planning.
Percentages shown: 9%, 3%, 14%, 15%, 21%.]


IBM

continued from page 27

news. There is native support for these standards in products going off the shelf.

How do you recommend companies starting to adopt SOA?

You can come at it from a lot of different directions, which I think is good and pragmatic. Depending on who you are in the organization, the entry point will vary. If you are a developer at a bank with 10,000 developers you can download an SDK from IBM’s or some other site, and you can start playing with the technology and start looking for a home for it in your organization. You have a hammer you are looking for a nail. Literally, hundreds of thousands of developers have done that. These are the same people that are open source coding at night. You have to be aware of it and channel it. That’s one type of adoption. Another type of adoption is the line of business. Someone who runs the business unit says they have a pain point and I have to solve it. The business turns to IT and IT says they have 12 other priorities that are equally important, but the business needs, for example, a single view of their customer now, they don’t have that capability. You get that friction developing between business and IT. The business person needs to gain access to a database and cobble something together.

How does one go from a fragmented, scattered approach to adopting true SOA?

What we are seeing now is a significant step up by CIOs to get ahead of this, to standardize, to provide the governance as to how, where and when you do SOA in the organization. The business unit adoption is not really SOA, it’s something I would call SOI, or service-oriented integration. It’s exposing some applications to being connected; it has great business value but really low real technical value. It’s a way to sub-optimize; you will start to get reduced returns in the future because they create more havoc in the enterprise architecture. While it’s a good short-term — you get a nice little bang — you don’t get the benefit long term. CIOs need to jump ahead of this because they will end up with just hot spots in a chaotic environment with no hope of being able to control it. In a decentralized environment, it’s the kiss of death.

How can companies avoid a poorly designed SOA?

They need to assess their current business services. If you have a claims processing service, you need to assess how well designed is it. You need to develop a capability around service modeling. How do you take a business activity and how do you understand the subroutines in that activity? Then how do you divvy that up and understand the different steps involved in that business activity? It’s not good enough to just take what you have and automate. It’s very important to realize a set of business services at the outset. (For more on SOA, see page 58.) ■
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Sprint  service  helps  map  wireless  plans 

Mobile  Business  Assessment  consulting  service  aimed  at  putting  policies  in  perspective,  cutting  costs. 


BY DENISE PAPPALARDO

Sprint is expected to launch a wireless consulting service this week that is designed to provide customers with a clearer understanding of their mobile service, applications and systems.

The carrier’s service is called Sprint Mobile Business Assessment and features a four- to six-week engagement with an enterprise business customer.

“Sprint’s offering is fairly unique and innovative,” says Eugene Signorini, director of wireless and mobile enterprise solutions at consulting firm The Yankee Group. “Other wireless service providers are offering consulting services on a case-by-case basis, but Sprint has a specific team to conduct a very well-defined engagement.”

The service is designed to put wireless use in perspective, but in many cases users are expected to reduce costs.

“We expect to see a 30% savings in the next 12 to 18 months,” says Brian Vik, director of telephony solutions at Carlson Companies, a Minneapolis-based hospitality, dining and marketing company that owns Radisson Hotels & Resorts, Country Inns & Suites and T.G.I. Friday’s restaurants.

Sprint finished Carlson’s second assessment in late June. Vik says that Sprint came in and first did a general assessment of Carlson’s 3,500 wireless users. A second assessment went into more detail and included developing several profiles of typical Carlson wireless users.

Before the Sprint work, more than half of the mobile users at Carlson bought their own wireless phones and services and expensed those costs. Now the company is migrating the majority of those phones to company-owned devices and services from one of Carlson’s four wireless service providers, Vik says.

“We were not able to take advantage of pooled minutes. There were no companywide policies; it was a free-for-all,” Vik says. “Now we’ll be able to take advantage of future services, better service rates and better prices on devices.”

Sprint’s initial assessment is conducted in three phases — data collection, mobility analysis and strategy development. During data collection, Sprint interviews 35 to 50 employees, provides third-party research and rides with mobile employees to get a better understanding of how they’re using wireless services and applications, says Kenny Wyatt, vice president of integrated solutions for Sprint Business Solutions.

During mobility analysis, Sprint takes a look at the equipment and software, including access technologies. The third phase, strategy development, includes an 18-month road map of key mobility initiatives.

“Our assessments are technology- and vendor-agnostic,” Wyatt says. That is, while Sprint isn’t likely to recommend users move to Cingular’s network for wireless data, it could recommend a customer upgrade a group of users to BlackBerry devices, which require wireless data services.

While Sprint would not provide specific pricing, the carrier says its Mobile Business Assessment services cost less than similar offerings. “We’re not trying to develop a new professional-services revenue stream,” Wyatt says. Instead, Sprint wants to show users how to get more out of wireless services and applications, and reduce costs. ■


Wireless ways

Sprint's Mobile Business Assessment consulting service includes:

• Policy creation.
• Asset management.
• Cost analysis.
• Technology recommendations.


Short Takes

■ Yipes Enterprise Services has begun service expansion into Boston with a downtown point of presence. The POP is slated for third-quarter operation. Yipes said the financial services vertical market required the expansion. In April, Yipes launched FinancialConnect, a service that provides banks, brokers, hedge funds, institutional investors and investment managers with access to financial exchanges, liquidity pools and trading platforms. Yipes serves 128 cities worldwide and in June, announced a new international POP in London.


What’s next for BellSouth?

It’s been an eventful year: Last December, Sprint and Nextel announced plans to join forces in a deal expected to close this fall. After a nasty bidding war with Qwest, Verizon announced its intention to purchase MCI for $8.4 billion this spring. And at press time, approval was pending from AT&T’s board to sell the firm to SBC for $16 billion in a deal expected to close next spring.

But in the recent round of telecom musical chairs, one name is notably absent: BellSouth. Despite a market capitalization of just less than $50 billion, serving upwards of 20 million business and residential customers in its southeastern region, and owning 40% of Cingular, the second-largest wireless provider, BellSouth seems to have stayed notably behind the scenes in recent years. (SBC owns the other 60% of Cingular, more about which in a minute.)

Some background: BellSouth is — at the moment — the third-largest of the seven remaining traditional telcos, following Verizon ($95 billion) and SBC ($78 billion). It’s larger than Sprint ($37 billion), AT&T ($15 billion), MCI ($8 billion) and Qwest ($6 billion).

But that’s all changing. When the dust settles, the most likely outcome is that BellSouth will place fourth in an industry dominated by the Big Three: Verizon (soon to be $103 billion when the MCI merger closes), SBC/AT&T (soon to be $93 billion), and Sprint/Nextel at $73 billion. That leaves BellSouth ahead of just one traditional player, Qwest, which is clearly the runt of the litter. In other words, BellSouth goes from being a relatively large fish in a large pond to a much smaller fish in a much smaller pond.

So what’s the next step?

BellSouth could continue to compete head-to-head with the Big Three, pitting its relatively strong customer loyalty and improving financials against three bigger players. That’s possible but unlikely in the long run.

Alternatively, it could get acquired. SBC/AT&T is the obvious choice, given that SBC currently owns the other 60% of Cingular, and the companies have synergistic regions and services. Personalities play a key role, though. The relationship between BellSouth’s CEO Duane Ackerman and SBC’s Edward Whitacre is reportedly contentious after failed merger talks last year. But Whitacre has said publicly he plans to step down not long after the SBC/AT&T merger completes. With no heir apparent at SBC, AT&T CEO David Dorman may step up to the role — and he’s had previous negotiations with Ackerman (AT&T and BellSouth reportedly came close to inking a deal as recently as 18 months ago). With Dorman in the buyer’s seat, the outcome could be different this time.

BellSouth also has the option of selling its share in Cingular to SBC/AT&T (or another purchaser) and using the proceeds for a merger of its own — perhaps snapping up Qwest, or potentially a cable company or other wild card. That path’s riskier and less in line with BellSouth’s historically conservative strategy.

Bottom line: BellSouth can only resist the winds of change for so long.

Johna Till Johnson is president and chief research officer at Nemertes Research, an independent technology research firm. She can be reached at johna@nemertes.com.
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IBM  project  financing  attracts  SMBs 


BY  CHINA  MARTENS,  IDG  NEWS  SERVICE 

IBM’s project financing service is proving popular not only among large companies, but also with the small-and-midsize business sector. The service provides a customer with complete financial backing from IBM for an entire IT project, from the design phase to system deployment.

About one-third of IBM’s project financing business is currently with SMBs, and the business is growing, says Paul Foulkes, vice president of worldwide project financing with IBM Global Financing. In some countries, such as France and Italy, IBM’s financing deals are predominantly with SMBs.

Foulkes says IBM might define some large companies as SMBs for financing purposes. While some large firms have sophisticated business models in place, others might not and would benefit from the financing, says John McArthur, group vice president and general manager with IDC’s information infrastructure division.

With any project financing deal, customers want to lock in the amount of money the project will cost and retain some flexibility on achieving milestones, Foulkes says. A milestone is an agreed-upon point in the project when some goal is met — for instance, getting a specified number of users up and running on a new application. In that example, IBM would build some “wiggle room” into the milestone so that if, for example, 80 instead of the agreed 90 users had the new software, the customer could still sign off on having reached that stage.

Having milestones established helps keep development on track for users and IT suppliers. Milestones “introduce a little more certainty and add a lot more discipline,” Foulkes says. Once a company has signed off on a milestone, it needs to pay IBM the agreed amount in relation to that achievement so IBM can pay the IT suppliers.

“There’s an old phrase — approved but not funded,” says IDC’s McArthur. “It’s hard to get approval for IT projects. Project financing allows the match of payments to future benefits.”

He says IBM service is a “brilliant approach,” not only reducing the risks inherent in high-tech projects for customers, but also a way of providing competitive advantage for IBM. If Big Blue introduces the concept of project financing when a customer is considering an IT project, IBM’s “traditional [financing] competition might not even be invited to the table,” he says.

Should a customer decide midway through a project that he wants to call a halt to it, IBM will terminate his funding, Foulkes says. The customer will pay only what it has seen value for as measured by the milestones. That flexibility is likely to give customers more confidence and make it easier to get IT projects approved. “If you’re able to go to the CFO and say ‘By the way, you don’t have to pay a nickel if you don’t see a benefit,’ they’ll say ‘Yeah, I’ll take the risk,’” he says. The only risk for the customer is in allocating staff to the project.

One of the inhibitors to CEOs taking on project financing deals for their companies is a sizable mismatch between the cost of the project and the time it might take for an organization to reap financial benefit from it. “It may take years to see any payback,” particularly in relation to CRM or ERP projects and government initiatives, such as e-passports and electronic tolls for road systems, Foulkes says.

Among the SMBs looking to transform business operations with an IT project is U.K. motorway services operator RoadChef Motorways. Earlier this year, it signed a project financing contract worth around $40 million with IBM.

RoadChef has 20 sites in the U.K., some of which offer accommodations along with cafes, fast-food restaurants and shops. After installing new management last year, RoadChef’s owner, Nikko Principal Investments, wanted the organization to improve its performance and expand its 24% share of the motorway services market. Nikko wanted to make RoadChef more cost-efficient by outsourcing non-customer-facing activities such as finance and administration, and revamping the company’s IT infrastructure.

RoadChef worked closely with Accenture to research the project’s scope and put together an RFP. Among the bidders for the project were Accenture, IBM, LogicaCMG and Capgemini SA.

The RFP was issued last October, RoadChef chose IBM the following month, and the companies signed the contract in January. The project has been in development since February and should be up and running by the end of October, according to Foulkes.

Under the terms of the deal, RoadChef’s finance and administration operations are outsourced to a company in Bangalore, India. Bills will be sent to a post office box, read digitally into a computer and then transferred to India to be processed, he says.

For its new IT infrastructure, RoadChef is taking on financial software from Sage Group and retail applications from Anker running on IBM eServers, desktop PCs and cash tills, and linked together with IBM’s networking services. ■


Kerio  tunes  mail  server  to  fight  spam 


BY  JOHN  FONTANA 

Kerio Technologies last week released a new version of its mail server with a focus on mobile users, administration and helping users battle the spam and viruses that plague e-mail today.

Kerio MailServer 6.1, which is designed primarily for small and midsize businesses seeking an alternative to Microsoft’s Exchange Server, includes a host of e-mail hygiene features, and support for Apple’s Tiger operating system and Microsoft’s Outlook-like Entourage client for the Mac.

Also new is the Kerio Synchronization Plug-in for Outlook, which supports offline access to contact and calendar data for roaming users.

To combat e-mail-address spoofing, Kerio is adding support for the Sender Policy Framework (SPF), a method for authenticating e-mail domains. The server already supports CallerID, a similar technology developed by Microsoft.

Another new feature, Spam Repellent, inserts a delay in the SMTP handshake, causing a virus or spam-sending zombie to fail in its attempt to connect to the server. Kerio officials say the feature can eliminate up to 70% of spam and viruses.

“They are putting everything together in a nice package and aiming it at the SMB space,” says Michael Osterman, president of Osterman Research. “They have this Spam Repellent feature to do connection blocking, so you can stop spam before it gets to the network. That is fairly important, because I think we have gotten to the end of content filtering in a way, and now you have to stop spam further back in the network, so you don’t have to handle the bandwidth.”

On the anti-virus front, MailServer 6.1 will support the use of a second anti-virus software package in addition to the McAfee software built into the server. Kerio is adding support for VisNetic Antivirus to its current lineup, which includes Symantec, Sophos, Grisoft AVG, Eset NOD 32, and Computer Associates products.

Also new is an HTML editor for Kerio’s Web mail client, which will allow for the use of rich text in the client. The editor works with Internet Explorer, Firefox and Safari Versions 1.3 and 2.0. A free/busy feature will make the client compatible with Outlook. The company also has added performance enhancements to its Web Mail Mini client, which is designed for such devices as cell phones and PDAs, and older browsers.

In addition, Kerio is adding a simplified version of the MailServer administration console, a remote tool that lets users add or delete user accounts.

The server starts at $499 for 20 users. The version with built-in McAfee anti-virus protection starts at $899. MailServer 6.1 runs on SuSE and Red Hat Linux, Apple’s Jaguar, Panther and Tiger, and all versions of Windows Server. ■


TECHNOLOGY UPDATE

AN INSIDE LOOK AT


Host-based IPS guards endpoints


HOW IT WORKS: Host-based IPS

Host-based intrusion-prevention system technology protects endpoints beyond the network perimeter from attack. In this example, the Sasser worm slips by the firewall to one server to attack the network. However, a server protected by HIPS stops the worm from wriggling further into the network.

[Diagram labels: Sasser; HIPS-protected server]

• Sasser passes through signature-based firewall.

• Worm enters unprotected server's memory, executes and continues to propagate through the network.

OR

• Worm encounters HIPS-protected server. HIPS checks for valid code authorization and transfer, discovers buffer overflow attack, stops code from executing and notifies the management interface.

• Management interface logs attack and issues alert to networking and security staff.

• Worm is deflected.

BY  SAMAN  AMARASINGHE 

As network threats continue to grow in number and sophistication, a new technology offers an additional layer of protection. Host-based intrusion-prevention system (HIPS) technology protects endpoints behind the network perimeter. It combats infections and attacks at the device and server level of a network, providing a layered approach that complements investments in network-based IPS without relying on signatures that require near-constant updates.

HIPS technology is extremely accurate. It works by enforcing a set of basic software conventions that never changes, called the Application Binary Interface (ABI). The ABI sits one step beyond the application program interface (API) and defines the API plus the machine language for a particular CPU family. Because these conventions are universal among compiled applications, it is nearly impossible to hijack an application without violating the ABI.

HIPS deployments generally involve two components, a series of agents and a management and reporting interface. Installed on servers, HIPS agents are designed to run indefinitely with little or no administrative overhead, and prevent malicious code that enters a machine from being executed without the need for a check against threat signatures.

In practice, agents continually verify the validity of application instructions by performing checks against their origin, preventing unintended injected code from being executed. They also catch malicious code masquerading as user data. In addition, they perform checks on program control to ensure that control transfer always conforms to the ABI. This prevents applications from being tricked into handing over control to external injected code. It also catches code-reuse attacks that are emerging as the next generation of advanced attack techniques worrying security professionals.

The HIPS management and reporting interface enables thousands of agents to be deployed, managed and upgraded across an enterprise network. The interface, which is often Web-based to provide universal accessibility, allows network and security staff to perform configuration changes, monitor alerts and view reports. Many interfaces notify security professionals of issues via SMTP or other alerts. The interface also is key for analyzing trend reports, assigning users and roles according to policy and maintaining a comprehensive audit trail.

As shown in the accompanying diagram, an HIPS deployment could block the threat of the Sasser worm. The worm exploited a memory flaw in Microsoft operating systems to cause billions of dollars of damage worldwide. The attack path shows how the previously unknown Sasser code passes through unpatched firewalls undetected, reaching two servers — one protected by HIPS, one unprotected. As the code enters the memory of the unprotected server, it immediately executes a buffer overflow that gives a remote host system-level control of that server, enabling further attacks from within an enterprise network.

In contrast, the protected server’s HIPS agent examines the Sasser code as it enters the server’s memory. The agent’s real-time check of the code reveals the buffer overflow mechanism, a process that violates the ABI. It immediately stops the code from execution without affecting the server’s performance, and notifies the management component that an attack is underway so that network and security staff can begin remediation efforts.

Amarasinghe is CTO at Determina and an associate professor of the Department of Electrical Engineering and Computer Science at MIT. He can be reached at saman@determina.com.


We’re looking for a powerful content-management system that is free,
easy to install, and easy for users to manage folders and files with.

The CMS Matrix site is a great resource for comparing and contrasting
content-management system platforms. Most seem to provide similar
capabilities for end users to manage files and folders and Web page
content. One that stands out for ease of installation is WebGUI (for
details go to www.networkworld.com, DocFinder: 8139). WebGUI is an open
source content-management system written in Perl and distributed under
the General Public License. There are installation packages available
for Linux and Windows that contain all the components needed to
successfully install and run the system. These packages install Perl,
the Apache Web server, MySQL and the WebGUI software all at once to
provide an operational site with very little hassle. The only downside
to the Windows installer, called ZipNGo, is that the installation
scripts are hard-coded for the C:\ drive. To install on another disk,
you need to edit the collection of batch files used to install the
software and the *.reg files that update the system registry. Source
code distributions of WebGUI are available for those who already have
Perl, Apache and MySQL installed. After installing WebGUI and logging on
using the defaults provided by the opening home page, take the tour at
DocFinder: 8140 for an introduction to the WebGUI content-management
tools.

Blass is a network architect at Change@Work in Houston. Questions can be
sent to dr.internet@changeatwork.com.
Syncing with FolderShare

GEARHEAD
INSIDE THE NETWORK MACHINE

Mark Gibbs


A few weeks ago our friend Jim dropped us a note asking what we’d
recommend for synchronizing data in two locations. This was a topic we
explored perhaps a year ago and Jim’s request was all we needed to take
another look at what is now available.

The reason Jim wants a directory synchronization tool is that he travels
a lot. Being on the road so much means he needs to be able to get files
that are back at the mothership, as well as back up documents and e-mail
he has on his laptop.

In our previous search for synchronization tools we found a few
promising candidates but nothing that really made synchronizing simple.
Our first stop was to check out some of the projects on SourceForge and,
while there were a few that look interesting, they all have a complexity
overhead that makes them somewhat harder to use than we’d like.

Anyway, somewhere along our search path we stumbled upon FolderShare
from ByteTaxi. FolderShare is a folder synchronization product that uses
a server-based directory to manage computers that are to share a
“library,” ByteTaxi’s term for a synchronization connection. The
subdirectories to be synchronized at either end will most likely have
different names and be located in different subdirectories, but the
library name will be the same for all computers.

Once  the  connection  is  established  via  the  FolderShare 
server,  the  exchange  of  files  —  or,  for  current  files  that  have 
been  modified,  just  the  updated  blocks  —  is  done  using  a 
peer-to-peer  protocol.  This  protocol  is  proprietary  to 
ByteTaxi  and  encrypts  all  content  using  256-bit  Advanced 
Encryption  Standard  along  with  a  homegrown  end-to-end 
authentication  system. 


The FolderShare server is what makes FolderShare powerful. Once logged
on from any PC (even one that isn’t running the FolderShare client —
what ByteTaxi calls “satellite” software) you can create, edit or delete
libraries and then assign two or more PCs to each library. You can
invite people to use libraries, and if they aren’t already FolderShare
users, they are sent e-mail with a link to download the software. If
they are FolderShare users, the FolderShare application will notify
them that a new library is available.

The synchronization process can be continuous or on-demand. Once a
library is created and the participating computers defined, the
directory tree details for either end are exchanged. Files not yet
transferred are allocated placeholders — empty files using the file’s
original full name (say gearhead.doc) with the file type .p2p appended
(thus our example becomes gearhead.doc.p2p).

In continuous mode the files are eventually downloaded, while in
on-demand or continuous modes opening a .p2p file forces its download.
When the file is completely downloaded the original file name will be
restored. The on-demand mode is very important for users on low-speed
dial-up connections.

FolderShare  accounts  are  licensed  at  three  levels:  basic 
(free),  limited  to  two  libraries,  each  with  no  more  than  500 
files  along  with  one  upload  or  download  at  a  time;  personal 
($50  per  year),  limited  to  100  libraries  with  20,000  files  and 
five  simultaneous  transfers;  and  professional  ($100  per  year), 
with  a  maximum  of  250  libraries  with  up  to  50,000  files  each 
and no limit on the number of simultaneous transfers.

Connecting a basic installation to a library on a professional
installation in effect upgrades it to the capabilities of the personal
version for that library. Finally, the personal and professional
versions support Web-based file transfer so you can retrieve files from
your PCs wherever you are as long as they are powered on (natch).

We  love  this  system.  It  works,  it  is  painless  to  set  up  and 
very  easy  to  manage. 

Sync your thoughts with gearhead@gibbs.com and check out Gearblog
(www.networkworld.com/weblogs/gearblog).


CoolTools 

Quick  takes  on  high-tech  toys. 

Editor’s  note:  This  week’s  column  is  contributed  by  Peter  Hebenstreit. 

The  scoop:  ScreenPlay  5000,  by  InFocus, 
about  $1,800. 

What  it  is:  This  projector  takes  all 
the  benefits  of  video  technology 
and  packs  them  into  a  small  form 
factor.  With  plenty  of  video 
options,  you  can  connect  video 
sources  via  RCA,  RGB,  S-video  and 
digital  video  input,  with  HDCP  for 
digital  and  encrypted  digital 
video.  HDTV  and  component 
video  also  are  supported. 

The video resolution of the ScreenPlay 5000 is among the best I have
seen from a projector. With 720p high-definition projection, you won’t
miss a detail. The unit is perfect for projecting movies, sporting
events, “regular” TV or even video from your PC. Not only is the image
crystal clear, but it’s considerably more color saturated than other
projectors I’ve seen. This means it’s less important to have a
completely dark viewing environment. InFocus has done a magnificent job
of capturing all the video input and showing the difference in video
connections. After testing the various inputs you can see a marked
difference in output between a composite RCA video connection and a
component HDTV connection.

The projector supports 1,280-by-1,024-pixel resolution for connected PCs
or Macs, and 1,280-by-720-pixel resolution for other input types such as
DVD. The built-in auto keystone feature can correct the image shape, or
you can control manually for 20 degrees of horizontal and 9 degrees of
vertical correction. The device is easily configurable for almost any
color contrast and clarity, and offers support for almost every image
size available. With a viewable projection of up to 11 feet wide, your
primary limitation will be the size of your screen.

Why it’s cool: Home theater systems have come a long way since
reel-to-reel video. Television screens are crisper, clearer, brighter
and larger. And with each advancement in technology, prices skyrocket. A
good large-screen television will cost from $3,000 to $5,000. A home
theater projector and screen combination are priced starting at about
$3,500.

Projectors supply an option for those who haven’t made the investment in
a larger TV. Not only can you place a projector on a table or shelf,
leaving it portable, but you also can mount it to the ceiling. Those
large TV stands and entertainment centers can finally be removed and
opened up for your home theater.

The ScreenPlay 5000 was impressive, not only compared with TVs but also
with other projectors. And it was easy to set up and configure. It’s up
to the end user to decide whether to use it to show PowerPoint
presentations in the office or video games and DVD movies at home.

Grade:  ★★★★  (out  of  five) 

Hebenstreit  can  be  reached  at  peter_hebenstreit@nww.com.  Keith  Shaw  can  be 
reached  at  kshaw@nww.com. 
“An open letter to the open source community” (www.networkworld.com,
DocFinder: 8222) elicited much feedback from readers. Here’s what some
had to say:

Breathtaking arrogance

JOHN HERSEY

Message to corporate IT executives: Maybe you’ve never been taught not
to look a gift horse in the mouth.

Open source exists for its own sake, not for freeloaders. Open source
developers scratch their own itch. If their software is useful to you,
go ahead and use it. Nobody minds. If you want open source to offer
something more, start paying developers and documenters to do those
things. When you’re getting something for free, it’s a bit rich to make
demands.

And by the way, religion is what motivates many open source developers,
so don’t expect them to “lose religion” and start coding for your sake.
Why should they? When they lose religion, you may find to your dismay
that they start coding for themselves alone. Lose selfishness yourself
and try to contribute to the greater good.

If at the end of it you don’t find open source good enough, go and buy a
closed-source product. Nobody’s stopping you. Nobody in open source
loses if you don’t use an open source product, so don’t act as if you’re
doing open source a favor by deigning to use a free product.

There is no limit to breathtaking arrogance.

Ganesh Prasad
Sydney, Australia

Closed Windows

As I was reading the open letter to the open source community, I found
myself nodding along with several of the points.

However, I found myself shaking my head at one item. It was the quote,
“We’d like to see more open source products for Windows that are more
than just the Linux version recompiled, but truly Windows-centric open
source tools.” I’m sure you would like to see that, but have you really
stopped to think why you don’t?

Simply put, it is because Windows is not a natural habitat for open
development today. There is not the community of developers on that
platform willing to do what we in the open source community do, nor is
there the technical infrastructure critical to such development.

As an open source developer I could see this as an opportunity and dive
in and write open source software for Windows. But what exactly would I
gain? I don’t use Windows myself, so I’d be writing software I would not
personally benefit from while reaping the displeasure of working in a
closed, foreign environment where very few others are adding to that
same pool. I’d rather contribute to a platform that adds to and sustains
my efforts.

It quickly becomes obvious that the real question here is not why
today’s open source developers aren’t developing software for Windows,
but why Windows developers aren’t joining the open source community. A
few have, but many who enter the open source world do so on non-Windows
platforms.

For this to change, Windows developers need to take action. Expecting
developers who are happily centered on openness to support a platform
they don’t use themselves, with little to no payback, is not
particularly realistic. It’s like expecting wetland creatures to
suddenly thrive in the desert.

If you want open software, go to where the openness is. If you wish to
stay on a platform that is not a natural environment for open
development, then you need to start watering that desert.

Aaron  Seigo 
KDE  core  developer 
Calgary,  Alberta 


Of,  by,  for  the  people 

When I scanned the open letter, I thought you were listing the strengths
of free and open source software (FOSS). The people quoted sound like
they don’t know anything about FOSS. Have any of them looked into it to
see whether FOSS lacks what they are concerned about? I think not.

Regarding more enterprise-class support: What about the support that is
furnished by IBM, Novell (SuSE), HP and others? Isn’t that good or
sufficient enough? It is the best you can get and better than the
support some commercial companies or their collaborators furnish.

Regarding better documentation: The documentation made available by the
FOSS community is elaborate and complete. It is even better than the
very costly documentation that is available from commercial publishers.

Regarding a sense of stability: Please name a FOSS mission-critical
application that has been decommissioned unless another replaced it that
is much better and more powerful. The beauty of FOSS is that the code is
yours to do with it whatever you like as long as you abide by the
General Public License (GPL).

Regarding access to more platforms: FOSS is based on open API, standards
and protocols, and interoperates with every other platform in existence,
including Windows. Examples include Samba and OpenOffice.

Regarding a commitment to stay open: Isn’t the GPL a good enough
guarantee? I suggest you read it and fully understand what it offers and
guarantees.

Regarding a focus on the end user: I don’t see how someone could ask
such a question. FOSS is a community of the people, by the people, for
the people.

Abe  Osman 
Ann  Arbor,  Mich. 

Listen  to  users 

More  enterprise-class  support?  IBM,  Novell,  Red  Hat  — 
isn’t  this  enterprise-class  support  enough? 

Better  documentation?  This  is  an  area  in  which  a  lot  of 
open  source  projects  need  to  improve.  A  well-documented 
project  you  forgot  to  mention  is  Samba. 

A sense of stability? Loss of interest in a product happens to
proprietary software, as well (Internet Explorer comes to mind as a very
recent example). If it’s not a front-line product making them a lot of
money, most software companies will lose interest in supporting and
maintaining it. At least you or someone you hire can still maintain open
source software.

Access  to  more  platforms?  This  requires  a  commitment 
from  Microsoft  to  support  such  efforts.  I  just  don’t  see  this 
happening. 

A commitment to stay open? I’ve seen no loss of support for this
commitment over the last 14 years. This is inherent in the General
Public License and part and parcel of that “religion” you want them to
lose. So you want them to have more of something they already have too
much of. This one makes no sense.

A focus on the end user? I’d say more focus on the end user. Yes, open
source developers do tend to talk to people they have more in common
with. Who doesn’t? Developers do listen to end users, and they do need
to do a better job of it.

Gary  Stewart 
Dallas 
On Technology

John Dix

Getting serious about IT projects

Project management skills can mean the difference between a project that
generates expected returns and one that morphs into a sponge and soaks
up surrounding resources. And when you have hundreds of projects in the
works, this difference can mean your job or the very health of your
employer.

That  was  the  message  that  emerged  from  a  panel  discussion 
of  project  management  experts  at  a  recent  Gartner  Group 
conference  on  project  and  portfolio  management  in  Boston. 

Consider AAA of Northern California/Nevada/Utah, which employs 6,000,
supports 4 million members, generates some $2 billion in revenue and is
the second largest of AAA’s regional auto clubs, which provide auto
insurance, financial services and travel aids.

“Eight of 10 projects are on time, on budget now,” says Chief Portfolio
Officer San Retna. “Three years ago that was true of only three out of
10. And each point [between three and 10] means about $2 million in
additional costs.” The AAA chapter today takes on 70 to 80 projects per
year that cost $200 million, Retna says.

“Projects” in AAA’s case include everything from business process
redesign to real estate, IT infrastructure upgrades and application
development.

Panel member Steve Rice, manager of Dell’s Product Life Cycle
Information Management program, focuses strictly on IT. He says that
when he started his job in 1998 Dell was roughly a $10 billion company
and there were 900 projects in the works and on-time delivery was only
30%. Worse yet, he says there was “no visibility into the health of the
projects, whether they were on time, on schedule, on scope.”

It took years to sort it out, but the payoff is huge. Today Dell is a
$50 billion company and IT spending as a percentage of revenue is 1.3%,
down from 1.9%, even as project workloads have tripled.

Patience is the byword, panelists agreed. Richard Shapiro, manager of
Royal Caribbean Cruises’ Program Administration Office, says it took his
company five or six years to get to where it is today — capable of
managing 1,000 active projects.

The highest hurdle? “Getting IT people to understand structure and
accountability,” Shapiro says. “The goal is a single point of truth for
everyone, instead of you saying you’re two months early and me saying
you’re two months late.”

Planning in one piece at a time is the best way to avoid failure, the
panelists said. And the job is not for the faint of heart. “It takes a
special kind of person to step into IT portfolio management, because you
have to enjoy getting beaten on a regular basis,” says Dell’s Rice.


—  John  Dix 
Editor  in  chief 
jdix@nww.com 


Rocking  the  boat 

Regarding your story “Offshoring . . . offshore?”
(www.networkworld.com, DocFinder: 8126): Cruise ship companies spend
gazillions to reduce the sensation of movement for their passengers.
I’ve only been on one cruise. It was a new, state-of-the-art, oceangoing
cruise ship complete with internal gyroscopes and all kinds of
stabilization technology.

The ship still moved around. In mere 10-foot seas, it moved around a
lot. The passengers noticed. The ship altered course to avoid the worst
of the situation.

A  ship  anchored  far  enough  offshore  to  be  outside 
U.S.  territorial  waters  is  not  some  gigantic  home 
office,  as  the  owners  seem  to  think.  Forces  of  nature 
could  prevail  to,  er,  sink  this  ill-conceived  project  — 
from  motion  sickness  alone. 

Jodi  Colburn 
Principal 
Colburn  Group 
Los  Angeles 

Defining  government's  role 

I appreciated Johna Till Johnson’s thoughtful, balanced column on the
role of government regulation (DocFinder: 8127). I am old enough to
fondly remember relatively cheap universal phone service before AT&T was
broken up at the request of businesses, so that business customers could
end the subsidy of residential customers.

I’m a former postal IT worker. When the U.S. Postal Service was denied
itemized billing by the Federal Telephone System in the 1980s because
the capability wasn’t there, we built our own digital private electronic
network. The backbone connected seven national data centers and 250
mail-processing centers with fiber-optic service, then a brand-new
technology. We filed proposals for “overnight letters” that would be
scanned at one post office, transmitted electronically and printed at
the destination post office for guaranteed next-day delivery nationwide.
This was in answer to the new technology of e-mail. The year was 1986 or
1987. What went wrong? The telegraph industry lobbied Congress to
require that the Postal Service use the existing carriers (Western Union
and so forth) for the electronic transmission because it appeared to
them to be competition rather than new service.

I agree with Johnson that government regulation should be biased toward
protecting the most vulnerable parts of our society while not hindering
innovation.

Hank  Merritt 
New  York 

Intuitive  beats  better 

Regarding Dave Kearns’ column, “User project should send up red flags at
Novell” (DocFinder: 8128): Users flock to Windows not because it’s a
better platform, but because, as Kearns suggests, companies can quickly
find solutions to Windows problems because it’s more intuitive for users
to work with. I never upgraded my Microsoft Certified Systems Engineer
certification in Windows NT4 because in all the later versions of
Windows, it only took a few minutes of poking around to find a solution
to whatever problem I was having.

Unfortunately, Novell products, while better, have never been that
intuitive. As a Master Certified Novell Engineer, I have pulled my hair
out over Novell problems, only to contact Novell support and have them
tell me (for a fee) about the undocumented command, or unlisted switch
setting, or not-for-public distribution utility that solves the problem.
Rather than deal with this, most users would rather migrate from Novell
to Microsoft.

Jon  Banks 
Marietta,  Ga. 

E-mail letters to jdix@nww.com or send them to John Dix, editor in
chief, Network World, 118 Turnpike Road, Southborough, MA 01772.
Please include phone number and address for verification.
INFRASTRUCTURE
INSIGHTS 
Daniel  Minoli 


Start  planning  for  the  nanorevolution 


Industry planners often focus on the next six months, and occasionally
the next 15 months. This is understandable because corporate budgets,
strategies and technology initiatives typically have annual horizons.
Sometimes it is useful to look a few years out, realize where things
might be going and then set road-map targets to be consistent with the
overall technology trend.

One telecom area of growth in the immediate future is nanotechnology —
specifically nanoelectronics, nanophotonics and quantum computing.
Nanotechnology is the science and engineering of entities the size of 1
to 50 nanometers (nm) — a few billionths of a meter. This is the size
range where physics (dealing with photons, electrons, atoms and
molecules) intersects with biology in terms of DNA elements (DNA helix,
a hemoglobin molecule, a cell’s wall or a small virus). Because of the
dimensions involved, the principles of quantum physics also apply.
Nanostructures, such as nanophotonic devices, nanowires, carbon
nanotubes and plasmonics devices, are expected to be incorporated into
telecom components and microprocessors in the next few years, leading to
more powerful communication systems and computers.


Nanoelectronics supports the design of nanoscale devices that have
electronic properties such as transistor, switching, amplifying,
tunneling and/or logical relay capabilities. Silicon-based semiconductor
technology has advanced at exponential rates in both performance and
functionality over the past 50 years. There is a desire to continue to
decrease gate sizes and increase intrinsic functionality. “Classical”
methods have already reached 50 nm, but further miniaturization is
sought. To achieve this, current microelectronics might have to be
eclipsed by quantum-effect devices. Nanoscale researchers already work
with electronic circuits as small as 10 nm.

Through technological advances, Moore’s Law — the doubling of the number
of transistors that can be packed in an integrated circuit every 18
months — has remained accurate during the past 40 years. Observers
expect this law will continue to hold for five more years; after that,
it could break down, as the thickness of semiconductor layers reaches
the single-digit nanoscale.

Replacement devices include smaller silicon transistors, single electron
transistors, resonant tunneling diodes, magnetic spin-based devices and
molecular devices. Single-electron transistors have a switching
capability controlled by removing or adding a single electron. Tunneling
is using quantum properties of electrons to allow transmission through a
thin voltage-potential barrier. Spin nanoelectronics is the utilization
of the electron’s spin for storage or computation.

Nanoelectronics is here: Magnetic RAM chips are shipping, organic
light-emitting diode displays are in prototype, and carbon nanotube
interconnects and nanowires will appear in a couple of years.
Nanotechnology is entering the telecom and IT fields, so start learning
about it now.

Minoli  is  an  adjunct  professor  in  the  Stevens 
Institute  of  Technology’s  graduate  school  and 
author  of  a  book  on  nanotechnology  applications 
to  telecom,  networking  and  IT.  He  can  be  reached 
at  minoli@att.net. 
Daniel Briere


Three  wireless  IT  products  to  keep  tabs  on 


As a consultant in new product and service launches, I get to see (and
play with) a lot of stuff in early development. Sure, there are
enhancements and add-ons to be created here and there, but you can
usually tell right away when a company is on to something that will be
important.

Here are three very interesting wireless products/services that you
should try out now, so that when the technologies hit Version 3.0 and
become mainstreamed, you’re ready to go. I’m not saying that the current
incarnations are the ideal products, but that the overall concept
embodied by them will play a role in your corporate IT strategy sometime
soon — so get a head start.

Cellular routers. A cellular router takes in a wireless WAN connection
and makes it available to multiple clients on the LAN side. Often, the
LAN connections are not just 10/100M bit/sec Ethernet-wired connections,
but include an 802.11 connection, as well. Key applications include
landline backup (important for keeping those credit card swipe machines
operating during the holidays), telemetry (fleet management now can be
more interactive and video-enabled) and other fixed wireline
applications. Key vendors include broadband wireless companies, such as
Kyocera, and start-ups, such as Junxion. Pricing starts around $500
(plus PC card and monthly service expense) and goes up. I like Junxion’s
approach thus far, because it’s not hard-wired for a particular carrier.
Just plug in any broadband carrier’s wireless data network PC card, and
you’ve got an instant hot spot wherever you are. While wired consumers,
like me, will want one of these in their car right away, firms will use
them to extend their Wi-Fi infrastructure to more roaming platforms.
Google reportedly uses cellular routers on its regional campus buses to
maintain Wi-Fi-driven connectivity for employees between buildings.
You’ll want to plan for how broadband data services from the cellular
providers mesh with your internal applications. It’s also a lot easier
and more cost-effective to start with a shared data service application
such as a cellular router-driven data application. These initial
products reflect second-generation experience in broadband data and are
quite useful in many current applications. Try one, you’ll like it.

‘Being connected’ is . . . almost something that we tattoo on our arms.

Cellular service extenders. I can’t get cell phone access in my home. And I get no sympathy from my cellular provider (Verizon Wireless... can you hear me now? No!). So imagine my pleasure in running into firms that are seeking to specialize in bringing signals into my home. Wireless Extenders and Digital Antenna sell units in which you mount an external omni or directional antenna on the outside of your home and wire it to a paired repeater somewhere centrally in the home. Voila, in-home cell coverage for about $300 to $600. For me, that’s less than two months of cell service costs. My IT guy tried out our test units and wouldn’t return them because he needed to boost his own signal strength in his home for off-hours support calls — at least that’s the excuse he gave. As employees become more reliant on cell phones for business activities, they need to be in touch. These products need to be more user-friendly to install, and Wireless Extenders’ product needs to support the full range of spectrums sold in the U.S. (this feature is coming in the fall), but these companies are on the right track.

Business  location  cellular  service  extenders. 
Same  product  idea,  bigger  coverage  area  and 
higher  cost,  but  same  value  proposition.  You’ve 
got  all  those  cell  phones  inside  your  office  area, 
but  can’t  get  a  signal.  So  check  out  products 
such  as  SpotWave.  Your  cellular  provider  might 
have  specific  partners  of  a  similar  kind.  These 
products  will  run  about  $2,500  to  $4,000  or  so  for 
a  standard-sized  office  area. 

Wireless is becoming embedded in our lives across the board. “Being connected” is more than a philosophy; it’s almost something that we tattoo on our arms. Products such as the ones above get you one step ahead of the next catchphrase, “Staying connected.”

Briere is CEO of TeleChoice, a market strategy consultancy for the telecom industry. He can be reached at telecomcatalyst@telechoice.com.


Hard work, good pay

Network professionals are enjoying substantial increases in pay, especially at the highest- and lowest-tier job titles.

BY JOANNE CUMMINGS

Every day, you work to ensure your network flawlessly supports your organization’s mission-critical business processes. And when payday rolls around, your reward justifies the effort. Network executives saw their base pay increase 5.1% in 2004, reaching $110,620, according to Network World’s 2005 Salary Survey of 2,430 respondents, conducted with researchers King, Brown & Partners. In fact, the numbers look good all around. When adding in bonuses, stock options and other benefits to base pay, network executives — those with senior-level titles (senior vice president/vice president of MIS/IT/IS/DP) — pulled in $131,170 in total compensation. That’s an increase of 3.9% over last year’s $126,240, especially healthy compared with the 2.8% rate of inflation that InflationData.com reported for 2004.


Respondents at the highest and lowest tiers — CIO and staff — saw the biggest gains. For instance, those at the CIO level report that total compensation increased from $133,480 to $143,880 — a whopping 7.8% — while respondents at the staff level report total compensation increases of 5.2%, up from $67,920 in 2004 to $71,480 in 2005.

Bonus increases followed a similar pattern. Network executives report average bonuses of $14,910 in 2005, an increase of just 0.4% over 2004. Those at the CIO-level report smaller dollar-amount bonuses ($13,590) but a bigger percentage increase (18.2%) over last year’s bonus numbers. Staffers, on average, received a huge 15% increase in bonuses, totaling $2,370.

Network executives actually saw a decline in stock compensation, down 6.2% to just $2,420 this year. CIOs reported a modest stock increase of 1.7% to $4,690, while staffers saw a 12.5% increase in stock compensation to $630. In the “other income” category, which includes items such as car allowances, pay premiums (for overseas work, for example), and income such as consulting fees, network executives reported a 7.6% increase to $1,410, whereas CIOs reaped nearly double the increase, 13.6% or $1,840. Staffers reported a 9.3% increase to $940.

Salary calculator

Want a more personal salary estimate? Visit the salary calculator on www.nww.com. You plug in the criteria and we’ll calculate your earning power. DocFinder: 8121

Your salary

Bruce Sachetti, director of enterprise architecture at ADT Security Services: Higher pay accompanies a new job title and more responsibility.

One theme for 2005 is that network executives are trying to do more work without increasing staff head count. As such, respondents say, they are making sure the few staffers they have are happy at least monetarily. “We’re running a fairly tight ship nowadays. My group has not changed in size since I got here a year ago, but we’re working with at least 20% more systems now, and we’re trying to keep people happy and keep them around,” says Joel Hofman, assistant vice president and senior network engineer at JRI America, the New York IT subsidiary of financial services firm Sumitomo Mitsui Financial Group.

Thus, bonuses have increased substantially for staffers, he adds. “We’re trying to keep fixed costs such as salaries down but are making up the difference in variable costs such as bonuses,” Hofman says.

While network executives generally have not achieved the increases reported by other titles, some say that they are being promoted rather than gaining salary hikes. For example, Bruce Sachetti received a much healthier increase than the 3.9% average hike in total compensation when he was promoted to director of enterprise architecture at ADT Security Services in Aurora, Colo. As a director, Sachetti is one step below the CIO. “I consider myself one of the technology leaders here, and I continue to manage the network and telecommunications teams,” he says. “In general, our increases were around 3%, and my increase would have been in that range had I not taken on some additional responsibility.”

More  pay,  more  work 

As in the past, respondents say that when it comes to landing promotions and fatter paychecks, business knowledge trumps more technical know-how such as certifications. “Once you hit this level, you have to put a lot less emphasis on being a technical expert and getting certifications, and more on understanding business goals, the big picture and the overall direction of the company,” Sachetti says. “What’s being stressed right now from the top is the alignment of the vision of those with the CXO titles, with the technologists and with the lines of business. If you can’t marry all three, you’re really not going to move beyond just managing technologists.”

To that end, respondents are looking to earn graduate-level degrees and MBAs in an effort to make themselves more attractive to upper management. “I am a [Certified Novell Engineer], Novell Engineer and Microsoft Engineer, but right now I’m pursuing a project management certification and my MBA,” says Al


What you make

Title | 2005 base pay* | Change from 2004 base pay | 2005 bonus | Change from 2004 bonus | 2005 stock | Change from 2004 stock | 2005 total compensation** | Change from 2004 compensation

Senior IT officers
CIO | $121,430 | 7.3% | $13,590 | 18.2% | $4,690 | 1.7% | $143,880 | 7.8%
Senior VP/VP MIS/IT/IS/DP | $110,620 | 5.1% | $14,910 | 0.4% | $2,420 | -6.2% | $131,170 | 3.9%
General corporate management | $99,790 | 10.2% | $10,430 | 15.2% | $2,200 | 136.6% | $114,950 | 9.2%

Middle IT management
MIS/IT/IS/DP manager | $77,830 | 5.2% | $3,700 | 18.6% | $390 | -2.5% | $83,870 | 5.6%
LAN, WAN or network manager | $76,280 | 4.1% | $3,310 | 14.5% | $1,240 | 6.9% | $82,850 | 5.1%
Telecom manager | $74,070 | 4.7% | $4,070 | 13.7% | $560 | 24.4% | $81,110 | 6.4%
Internet, intranet, e-commerce manager | $78,710 | 5.4% | $2,000 | 21.2% | $290 | 61.1% | $81,000 | 5.8%

Staff
LAN, WAN or network administrator | $62,210 | 5.0% | $2,100 | 15.4% | $290 | 20.8% | $66,470 | 5.4%
Network architect, designer, analyst or database administrator | $74,500 | 4.1% | $2,750 | 10.4% | $820 | 577% | $79,940 | 5.0%
Network operator technician or other network operations staff | $56,600 | 78% | $1,570 | 40.2% | $460 | 31.4% | $60,370 | 8.7%
Trainer, help desk, tech support | $48,700 | 4.3% | $900 | 0% | $170 | 13.3% | $52,900 | 4.8%
Software or Web programmer/developer | $68,950 | 4.9% | $3,010 | 22.4% | $1,280 | -3.8% | $75,880 | 5.2%

*All monetary figures are means. **Total compensation includes “other income,” such as car allowances, pay premiums and consulting fees. Source: 2005 Network World Salary Survey; 2,430 respondents


Antonelli, manager of IT at SHI-APD Cryogenics, a manufacturing company in Allentown, Pa. “Certifications are important, but at the level that I’m at, certifications probably aren’t as important as an MBA. To make it to the CIO level or the director of IT level, an MBA’s a requirement of the job. They won’t even look at your application without it.”

The survey bears this wisdom out. Those with graduate-level degrees command much larger salaries than those with lesser degrees. For example, on average, respondents holding bachelor’s degrees make $78,020, while those with graduate degrees pull in $90,050. Interestingly, respondents who have no certifications tend to command higher salaries than those who do (see “Hit the books for bigger pay,” below).

Obviously, the more responsibilities net execs have, the greater their paychecks. Unfortunately, this year’s survey, like those in the past, finds that the monetary boost comes with a corresponding increase in hours worked (see “Make more, work more,” below).

In fact, respondents typically work more than the traditional 40-hour week, clocking in an average of 50.65 hours weekly. “It’s not unheard of for me to work 50 or 60 plus hours per week,” says Sheli Lindholm, IT manager at Northwest Kia Megastores in Wenatchee, Wash. “For my last paycheck, I worked 36 hours over the standard hours for that pay period — and that’s not unusual.”

Make more, work more

On average, respondents work 50.65 hours per week, well over the traditional 40 hours. Although those additional hours mean more money, they usually come with added responsibilities, as well.

Hours worked per week | 2005 base pay
Less than 45 | $67,080
45-54 | $76,860
55+ | $85,860

Loyalty increases with income

As income increases so does loyalty - to a point. Those making less than $60,000 are more likely to be looking (seekers) and those making more than $100,000 are more likely to be staying put (loyalists).

[Chart: seekers, explorers, approachables and loyalists by income band; figures in thousands: $20-39, $40-59, $60-79, $80-99, $100+]

Seekers: Actively looking for a new job
Explorers: Monitoring the market
Approachables: Would apply if asked
Loyalists: Staying put

Source: 2005 Network World Salary Survey, 2,430 respondents

This is primarily because of the need to support businesses that operate 24 hours a day, seven days a week, respondents say. “I telecommute, but I’m still expected to be in the office 40 hours,” Antonelli says. “So the work I do telecommuting is in addition to the regular work week.” He says he puts in 46 to 48 hours in a typical week. “I have to support people from California to the U.K., so I have a long day.”


Satisfaction  goes  beyond  pay 

Lindholm, who has two young children, says her long hours come with corresponding flexibility. “For me, family friendliness is a really big thing,” she says. “If my kids are sick, I can do 90% of my job at home or out of the office, and nobody needs to know about it. As long as I’m answering my cell phone and I’m reachable, it doesn’t matter where I am.”

Still, such flexibility tends to result in even longer work


Can’t get no satisfaction

When it comes to what you value most, your current job just isn’t up to snuff.

A key finding of this year’s survey was the disconnect between what network executives want in their job, and what they actually have. In Network World’s 2005 Salary Survey, 2,430 respondents named the job factors they considered most important to […] their satisfaction with each factor at their current job. The areas respondents ranked most important were not the ones with which they felt most satisfied. In fact, of all the most important factors, only one — job security — also earned good satisfaction marks, but not good enough. Job security is No. 1 in importance to respondents, yet lands at No. 5 on the satisfaction list. Other criteria considered highly important, including base salary and overall compensation, fall even further down the satisfaction list (13 and 15, respectively).

Al Antonelli, IT manager at SHI-APD Cryogenics, a manufacturing company in Allentown, Pa., has a theory about the overall dissatisfaction found in the survey.

“Looking back over the last 10 years, it was a lot of fun to work in the industry, especially in the late ’90s when everything was technology and the Nasdaq was popping,” he says. “The IT department gained new importance within the organization and consequently so did the IT managers and leaders, who finally had a seat at the management table on equal footing with the controllers and CFOs. But with the dot-com bust and the economy, I think that’s reverting now. I think the CFOs are asserting themselves, and that has a lot to do with it.”

Others say the findings are due to the fact that networking is sometimes an invisible job. “There is an expectation in the business world that the network will be up and running all the time,” says Joel Hofman, assistant vice president and senior network engineer at JRI America, the IT group of Sumitomo Mitsui Banking, in New York. “And it’s only when something breaks that the business remembers there’s a network group supporting everything. So there’s always this negative connotation floating around the network, and I think that leads to a certain amount of dissatisfaction.”

— Joanne Cummings
[Table: job factors ranked by importance and by satisfaction. Factors legible in the surviving fragment: autonomy; recognition/appreciation of your work; flexible work schedule; advancement potential; proximity to home; performance incentives/bonuses; industry; opportunity to telecommute; stock options.]
hours, she says. “I’m probably working twice as much because I can work from anywhere.”

Lindholm’s experience is echoed in the survey results. Family friendliness is once again in the Top 10 list of importance in terms of job criteria. Still, respondents cite job security as their most important criteria, with benefits, overall compensation, base salary and challenge of work rounding out the Top 5 (see “Can’t get no satisfaction,” below).

ADT’s Sachetti agrees that compensation and benefits are a priority, but he says a stimulating work environment is just as important. “What keeps me interested in my position and keeps me here is that it is challenging,” he says. “They’re not shy about throwing additional opportunities and challenges your way to the extent that you’re able to handle them.”

So when it comes to your job, you know what you want. But do you actually get it? According to the survey, respondents in general find their current positions wanting, especially in terms of overall compensation and benefits. Such dissatisfaction can be attributed to a number of factors, but organizations would be wise to rethink overall compensation for their IT groups, especially as it equates to corporate loyalty.

In fact, rewarding your staff now is less expensive than paying to hire and train new employees as a result of turnover, says JRI America’s Hofman. “Companies can’t spend the time and money that constant turnover requires,” he says. “When you’re supporting a large environment and a variety of technologies, it’s actually cheaper to make sure your current staff is happy and sticks around.”

And  according  to  the  survey,  overall  compensation  is 
key  to  that  happiness.  Respondents  who  make  less  than 
$60,000  are  more  likely  to  be  seeking  or  exploring  new 
job  opportunities,  while  those  making  between  $60,000 
and  $100,000  aren’t  likely  to  be  actively  seeking  new 
employment,  although  they  tend  toward  openness  when 
it  comes  to  being  approached  about  other  positions. 
Those  making  more  than  $100,000  tend  to  be  most  loyal 
to  their  current  companies. 

Among those who find their top criteria lagging, however, most seem to find enough pluses in their current positions to engender a fair amount of loyalty.

For Kia Megastores’ Lindholm, lower pay was a tradeoff she willingly made for family friendliness when she left her former job as a consultant. Still, she is surveying her immediate area to get a handle on the going rate for her position in order to lobby for a compensation increase during her upcoming annual review. Lindholm figures she is undercompensated for her position and geographical location — by nearly half.

“I know someone who runs a similar shop to mine. She’s based in Seattle, and has a shop here in Wenatchee,” Lindholm says. “But she makes $70,000 a year, whereas I make $42,000. So I know I’m really undercompensated.”

Still,  the  benefits  of  her  job  outweigh  the  compensation 
downside,  and  she  has  faith  that  her  firm  will  eventually 
come  around  to  paying  her  what  she’s  worth. 

“Having autonomy is more important for me than overall compensation, and I have that here. For the most part, they let me do what I need to do, and they understand that I know how to do my job and that I’m really good at my job. They appreciate me, which is key,” she says.

“I’ve been offered other jobs,” she says, noting that she has a standing offer to return to a previous position at the consulting firm. “But I believe in this company . . . and that my loyalty will be rewarded.”

This year’s numbers give substance to her belief. Overall, salary increases for network positions continue to outpace inflation, reinforcing that networks are critical for businesses. And those who run them continue to be rewarded.

Cummings  is  a  freelance  writer  in  North  Andover,  Mass. 
Reach  her  at  jocummings@comcast.net. 
Network pros give first-person accounts of working through tough situations.


Building  the  network  infrastructure  to 
support  ‘Star  Wars’  and  other  blockbi 

★  RALEIGH  MANN  ★  Manager  of  network  operations, 

The  Lucasfilm  Ltd.  Companies,  San  Francisco 


When we did “Star Wars” Episode I, we used 1.5T bytes of local disk space. Episode III requires 30T bytes. In a five-year time frame that’s pretty exponential. For Episode I, we averaged 12T bytes of traffic across the network in a 24-hour period. For Episode III, that number was around 180T bytes.

Back then, we only had one 10G Ethernet interconnect. Now we have 400 10G interconnects. This makes our network the largest single 10G interconnect in the country. 10G Ethernet has come down incredibly low in price. That allows us to build a network that doesn’t get in the way — we don’t have to worry about increasing desktop connectivity or if there’s enough connectivity from the data centers to the wiring closets. We’ve got plenty.

Artists are able to make the experience richer and more complicated. For example, the fabric simulations we now run give the characters so much more texture. Compare Yoda in Episode I and Episode III — he’s got more realistic skin textures and he’s more animated. That requires bigger pipes and more disk storage. We need large amounts of bandwidth to deliver data for production, to a disk farm, to the video areas.

It’s the marriage of art and technology. This is the new bar for films — everyone wants to have that look and feel. We don’t want to have to worry if we’ve designed our network well enough for the next three, four or five years. Our old network lasted five years. If we get that again, I think it’ll be successful.

— As  told  to  Sandra  Gittlen 


Soothing  users  panicking  over  lost  data 

★ DIANE WEIGEL ★ Technical support services manager, Sodexho, a $6 billion food service and facility management company in Gaithersburg, Md.


been at Sodexho 14 years, eight of them on the help desk. We support people in thousands of locations, and everything is done remotely.

Two  years  ago,  we  had  an  executive  who  mistakenly  drove  over 
his  laptop.  It’s  become  one  of  those  stories  you  tell  in  a  whisper 
because  it’s  so  painful  whether  you  experienced  it  or  just  heard 
about  it.  Another  time,  we  had  someone  who  arrived  home  for 
the  day  and  as  he  exited  his  vehicle,  the  parking  brake  didn’t 
hold.  He  watched  his  car  roll  down  the  driveway  and  into  the 
lake  with  his  laptop  still  in  the  car. 

A situation like this, where you know you’re not going to be able to take the hard drive and send it off to a data-recovery site, is difficult. You’re really part therapist — listening to what happened and reassuring the person about what you can do to help. You can give the tech part of the job to anyone, but taking care of people is something you have to feel and breathe.

Now most newly issued laptops at Sodexho have Evault [remote back-up software] on them. It’s a comfort — if someone loses a laptop, we have data electronically that we just bring down to a new machine. But it’s awkward; you try and be as honest as you can, and you never make promises. When you know there’s been data loss, you begin with a zero level of promise that you’re going to be able to fix it and 100% promise that you’ll do everything you can.

— As  told  to  Mary  Brandel 


Walking into disaster the first day on the job

★ MIKE TAYLOR ★ CIO, Todd Pacific Shipyards, Seattle


the summer of 1998. I interviewed [for the CIO position] at Todd Pacific Shipyards, and it seemed like a good company, although I knew from working in Seattle that the IT department was not leading edge.


The night of the first day I joined, we did a backup of the homegrown ERP system, which was a SQL 6 application. The next day I came in and the system wouldn’t come up. Worse, although they’d done back-up tapes every night, no one had ever restored and verified them. From the 10 months prior, we didn’t have any data that we could use; the back-up tapes were useless. And we were told that a corrupted SQL 6 database was unrecoverable. We didn’t know what we were going to do.

In the meantime, I was getting calls from two or three other firms I had interviewed with, and I was saying to myself, “What should I do?” However, I didn’t take another interview; I felt like I had committed myself to this job.

For  the  next  30  days,  we  were  off  the  air,  which  included  the  systems  that  handled 
inventory  purchasing,  accounts  payable  and  project  costing.  Folks  were  using  paper 
and  pencil,  and  if  checks  had  to  go  out,  accounting  would  use  a  typewriter. 

It  was  a  situation  where  we  worked  every  day,  hitting  the  phones,  just  following 
the  recovery  trail. Someone  would  give  you  a  name, you’d  call  him  and  he  could¬ 
n’t  help,  but  he’d  give  you  another  name.The  Big  5  firms  were  no  help,  and  neither 
were  the  three  largest  recovery  firms. 

We  finally  found  someone  at  a  company  in  San  Diego  recommended  by  a  lead 
we  called  in  San  Francisco.  He  said  he  would  try  to  get 
the  data  off  the  disk  for  $5,000  per  day,  but  if  he  could¬ 
n’t  he  wouldn’t  charge  anything.  We  took  the  data¬ 
base  disk  out  of  our  server  and  sent  it  with  our 
best  software  person  to  San  Diego. Within  three 
days,  they  got  the  data  off  our  disk  and  for¬ 
matted  for  delivery  to  Microsoft.  I  don’t 
know  why  he  charged  $5,000  per  day  but 
he  recovered  all  but  219  out  of  2.2  million 
records. 

The  next  phase  was  feeding  the  raw  data 
into  a  new  database.  A  Microsoft  contact 
gave  me  someone  at  headquarters  who 
was  kind  enough  to  put  me  in  touch  with 
a  manager  at  the  R&D  center  in  Irving, 
Texas.  They  were  able,  over  a  five-day  peri¬ 
od,  to  develop  many  algorithms  to  get  the 
database  pointers  straightened  out.  I  sent 
them  some  Made  in  Washington  gift  bas¬ 
kets,  besides  paying  the  bill,  as  an  incen¬ 
tive  and  a  thank  you,  because  we  were  sit¬ 
ting  on  our  hands.  We  were  on  the  cusp  of 
having  to  report  our  situation  to  the  U.S. 
Securities  and  Exchange  Commission. 

Being  the  director  of  IS, you  can’t  give  up 
on  a  project.  If  one  door  closes,  you  have 
to  look  for  other  ways  to  get  this  thing 
solved. That’s  a  trait  that’s  learned  but  you 
also  have  to  have  a  certain  doggedness  in 
your  personality.  Shortly  after  the  database 
was  again  operational,  1  implemented  the 
best  disaster  recovery  plan  in  Seattle! 

— As  told  to  Maty  Brandel 
Pushing through a new and misunderstood technology

★  PAT  KING  ★  GLOBAL  ELECTRONICS 
STRATEGIST,  MICHELIN  NORTH  AMERICA 


a member of the AIM Global RFID Experts Group, and I’m leading a workgroup
where we’re writing the quality standard for RFID tags and how you determine it.
So I [speak at] a lot of conferences.

Last year, the conferences had vendor attendees listed in the 10-to-12 range. Now
there are 50, 100, 200 vendors. That to me is frightening because the market hasn’t
taken off and these people are trying to find business, which means they’re trying
to make business. A lot of them aren’t prepared. In addition, the standard —
[EPCglobal’s UHF Generation 2 air interface protocol, commonly referred to as]
Gen2 — is only emerging, and the parts required to make it successful are barely
available. The timing has it that there are more suppliers than there are customers
or parts. That’s incredibly frightening.

I was at a conference recently and — I get a little angry about this stuff — I
instructed the audience to go into the vendor group, and if they saw any vendor
demonstrating RFID with empty cardboard boxes, they needed to physically pick up
the boxes and declare the vendor as a fraud. Those of us who have been in this
industry, practicing RFID, graduated from demoing empty boxes 15 years ago. That
was cool 15 years ago when RFID really was science fair technology.

I fly on any given week to Japan, Korea, Singapore, Germany, France, Spain, Sweden,
England — anywhere there’s an opportunity to interact with one of our competitors,
the standards bodies, or customers. When I originally forecast my role for this year
with my boss, I thought I could stop traveling because of the genesis of the Gen 2
standard. The year before, the goal was easy — to create a single standard. Now that
we’re getting toward a single standard, we have a new problem: An incredible horde
of incompetent idiots are now showing up on every doorstep claiming to be experts
at this single solution. And so now I even have a bigger risk of our competitors or
customers, listening to them and then forcing some implementation of the standard
that actually isn’t [compliant].

I went from thinking I wasn't going to travel at all this year to traveling two times
more than I did last year.

— As told to Ann Bednarz


Implementing IT Infrastructure Library best practices

★ DAWN SAWYER ★ IS operations manager, GuideStone Financial Resources of the
Southern Baptist Convention, Dallas


everyone is so nice in our company that if we missed a service level,
there was no repercussion. And I couldn’t get them to negotiate something
competitive. It was OK [with them] if the network was down for 10 minutes —
but I know that doesn't improve business value.

Instead of reinventing the wheel, we went with ITIL . . . to make IT an integral
part of the business. Without ITIL, if you are not perceived as something the
business needs to make money, you are the person everyone loves to hate. Then
you’re open to outsourcing and I didn’t want to go there. I wanted to be proactive.

In the past, if there was downtime with the processes — for instance, the public
address book in Microsoft Outlook — we wouldn't have reported that. We now say,
“Here are the financial repercussions and the inconvenience it cost." In other
organizations there might be a backlash, but senior management sees our
willingness to point out our own mistakes and get better.

This has been a three-year project for us. We've seen a distinct return on
investment. The thing people forget is that ITIL doesn’t end — it’s a continuous
process.

—  As  told  to  Sandra  Gittlen 


Creating a new paradigm for enterprise security

★  PAUL  SIMMONDS  ★  Chief  information  security  officer,  ICI,  London;  and  co-founder,  the  Jericho 
Forum,  an  international  user  group  focused  on  next-generation  security  issues 


The Jericho Forum came about because no one was addressing the problem of
de-perimeterization — the ability to operate your business on the raw Internet.
Our hardware and software suppliers weren’t discussing the fact that borders
aren’t doing much good for corporations. It was a bit like the “Emperor’s New
Clothes” as they were saying there was nothing wrong — they were still telling
us how to harden our borders.

So we started two years ago as a supper club, going out to a meal with
like-minded CSOs to discuss the problem. The first one had seven or eight
people, the second had 15, and eventually it became a half-day event with
15 to 20 people. It just continued to grow.

In October 2003, I spoke at the RSA Conference in Amsterdam about the topic of
de-perimeterization. A journalist was in the back of the room and made a
front-page story out of it. Very quickly we went from an ad hoc group of people
who all knew each other to something very formal. In January 2004, the Jericho
Forum, which was named for the walls of Jericho that come tumbling down, was
officially born.

Then I did the keynote at another conference and there was stunned silence.
“This is total heresy,” they thought. I went back to the same conference in 2005
for a follow-up and the industry had gone from total disbelief to acceptance.
We now have 80-plus users, with Procter & Gamble, Qantas and a host of
international companies represented.

I have an 80-hour-a-week day job that I still have to do. I can’t afford to mess
around. We’ve got a clear set of goals, and we’re going for it. If I didn’t think
the Jericho Forum wasn’t going to have an impact in the next 10 years, I wouldn’t
be investing the time.

— As  told  to  Sandra  Gittlen 


Running a high-profile e-commerce site

RON ROSE CIO, Priceline.com, Norwalk, Conn.


There’s a saying in technology — fast, good and cheap, pick two. We try to do
all three . . . and we always have a forward-looking view. If you’re using
yesterday's technology and not anticipating where it's going then you'll never
be able to fully utilize the architecture. I’ve been focusing on trying to create
a cohesive data center operating system that operates as a consistent entity.
We have consistent management from the routers down to the database to storage
and up again.

Technology is a lot like shooting skeet — if you’re not leading the target, you'll
never hit it. It’s a never-ending adventure.


— As told to Sandra Gittlen


Unplugging  a  decades- 
old  mainframe 

★  VICKIE  GEPHART  ★  Systems  development 
manager,  Virginia  State  Police,  Richmond 
had a Unisys mainframe here since the late ’70s or early ’80s, and we were at the
end of our current five-year licensing contract. We either had to purchase a new
mainframe or go to a new platform. We decided to migrate to an open systems
architecture in order to make use of off-the-shelf packages and get away from a
completely proprietary database.

We  decided  to  purchase  a  Sun  Fire  6800  with  an  Oracle  database  and  a  Micro  Focus 
[International]  front  end.  At  first,  there  was  the  challenge  of  keeping  our  data  processing  team 
motivated.  Ninety-five  percent  of  them  had  20  years  of  extensive  experience  on  the  Unisys 
mainframe,  so  there  was  some  resistance  to  moving  forward  into  unfamiliar  territory. 

To  boost  morale  and  acceptance  of  the  new  database,  we  continually  provided  the  transition 
team  with  motivational  pep  talks  and  progress  reports.  By  the  time  we  were  about  one-third  of 
the  way  into  the  project,  the  staff  started  getting  really  excited  about  the  operation. 

What also helped was that the team ran into opposition from some external agencies
and was told there was no way it could go from the mainframe to the Unix platform
so quickly. The challenge became an issue of pride for the team — “Let’s prove
everybody wrong.”

It took us 13 months, but we had everything operational on Aug. 8, 2004, and we
left the mainframe running until Aug. 12. At the ceremonial unplugging, the state
police superintendent officially switched off the mainframe, and the entire team
broke into applause and then celebrated with cake and refreshments. Even a local
television station was on hand to cover the ceremony.

At  that  point,  it  still  felt  a  little  bit  unreal.  I  guess  we  expected  something  to  go  wrong  at  the 
last  minute.  But  after  the  switchover,  it  was  quiet.  We  wondered, “Is  anyone  using  this  system? 
Why  haven’t  we  heard  something  going  on?” 

Over  the  next  few  weeks,  we  traded  in  the  mainframe  for  new  disks  for  the  Sun  platform.  Even 
then,  there  was  this  thought  of  being  attached  to  it,  particularly  for  the  operators  who  used  it  day 
in  and  day  out. 

— As  told  to  Mary  Brandel 


Networking  in  the  oddest  of  places,  in  the  s 

★ MICHAEL KOONTZ ★ Independent consultant, Mexico, Mo.


Several years ago, I worked for a technical service company in Kansas City, Mo.
One of our biggest clients had a break in a fiber line that ran from the main
office 745 feet to a remote office. This company was located underground in
some caves, and the cabling was in desperate need of repair.

What happened is that the president had run zip-grade fiber cable to the remote
office — rather than put the fiber into conduit, he zip-tied it to a pipe.
This worked fine until he had the maintenance guys run Category 5 for security
on the same pipe. When they were pulling that cable, the Cat 5 burned right
into the fiber.

The president’s solution was to run a single Cat 5e patch cable to the remote
office. Keep in mind the remote office is 745 feet away and, according to
Network Theory and Rules, Cat 5e is only rated for approximately 324 feet. This
was against all my teachings and experience, but the boss said, “Do it.”

So with a 1,000-foot box of wire, a scissor jack and a pocket full of zip ties,
I set out on my mission of failure. First, this being an underground factory,
I visited all the forklift drivers and told them what I was doing. “I’m running
some computer wire this morning. It is orange in color and the floor is gray so
don’t run over it with your 4,000-pound forklifts.” They said OK, but I should
have known better.

I laid out the wire between the two offices and began to zip-tie it to the
overhead pipe. I wasn’t 20 minutes into my quest when one of the forklift
operators ran over my cable twice! (4,000 pounds vs. Cat 5e — KO!)

Well, I couldn’t run another — I only had 1,000 feet of cable — so I continued
to zip-tie the cable to the pipe continually telling myself: “745 feet, patch
cable, forklift, 4,000 pounds. This isn’t going to work! Why am I doing this?!"


Finally  I  terminated  the  ends  knowing  that  all  my 
work  was  in  vain,  and  plugged  it  in  to  the  hubs.  It 
worked! 

The  network  gods  must  have  been  watching  over 
me.  I  couldn’t  believe  it! 
in an SOA world


The  service-oriented  architecture  will  lead  to  big  changes  in  your  job. 

Early  adopters  and  other  experts  share  tips  on  how  to  prepare  for  what’s  ahead. 

BY JULIE BORT


doubt you’ve spent time pondering the profound technology changes that a service-oriented
architecture implies. But you need to think, too, of the sweeping changes an SOA would mean for your job.


The SOA promise is that monolithic applications will be replaced by loosely
coupled Web services — reusable bits of code written to a standardized interface
so they can be mixed and matched and hosted anywhere. These little bits of
applications floating around will be bound together on “the network” — and not
just your little corner of it. In an SOA, the network encompasses public networks
and your business partners’ networks, too. So your work will become more visible
in the corporate scheme of things, which can be good for your career.

The hope is that the SOA approach will let IT departments quit reinventing the
wheel, to automate more and therefore to do more with less, particularly less
programming. Then again, loosely coupled services are more easily outsourced.
This might lead to fears that introducing such an architecture could put IT jobs
at risk. But early SOA adopters are learning that job loss isn’t as much a factor
as is figuring out how to best realign IT personnel with the shifting tasks an
SOA requires.

“The theory with SOAs is that IT departments shrink,” but that’s not necessarily
the case when you balance the ability to cut programming jobs against long-term
goals, says Terry Bone, manager of frameworks and architecture for Ford Credit,
one of the largest automotive-financing companies in the world. (Network World
honored the Dearborn, Mich., company in 2002 for its early SOA efforts. See
www.networkworld.com, DocFinder: 8123.)

Bone is analyzing how to size the department correctly and if outsourcing has a
place. This translates into trying to “define strategy” on what a right-sized
department looks like and how he can encourage his best programmers to stick
around when an SOA means less coding work for them, Bone says.

Although staff size will remain constant, the automation technologies necessary
to operate an SOA model will allow each member to do more work. In addition,
roles will shift away from manual areas, such as custom-coding projects, and into
new zones, such as application assembly work.

Obviously the number of application programmers on staff would decrease because
less code would need to be written. One skill that might not be needed nearly at
all is the down-and-dirty technical programming usually relegated to young,
inexperienced programmers. The job of writing integration code between two
cantankerous applications, for example, should be rare. That task should be
undertaken by the vendors, whose role will be to handle and hide all that
complexity from their customers, says Tim Hilgenberg, chief technology strategist
for application development at Hewitt Associates, a human-resources firm in
Lincolnshire, Ill., which has adopted Web services and SOA technologies.

However, the number of programmers you employ also will depend on whether you
are primarily a “publish” kind of SOA organization or a “subscribe” type, says
Allison Bacon, senior research analyst for Eze Castle Research. Organizations for
which IT is the business (IT vendors, e-commerce companies, virtual service
organizations) might continue to write a lot of their own Web services and then
publish them for others to use or buy. Organizations for which IT is a tool for
producing a non-IT product or service will most often be subscribers.

Either way, assembly work will become one of IT’s major roles. Subscribers will
be expected to shop for pieces of applications, then plumb them together in a
unique way that adds business value, Hilgenberg says. “When you start looking at
SOA, you’re really talking about being able to compose applications as opposed to
being the developer of them. You become more of an aggregator and integrator,
putting together portals and aggregating data and transactions.”

The challenge for the assembly staff will be to add business value that
specifically addresses the organization’s needs, so that the application is more
than the sum of its parts. “If programming skills become somewhat commoditized,
you’ll have to figure out how to add value on top of that ... much like what a
Dell does as an integrator of components — the one who specs them out,”
Hilgenberg says.

For  instance,  the  assembly  staff  will 
want  to  take  generic,  customer-service 
Web  services,  find  more  Web  services  that 
address  the  company’s  specific  needs 
and  stitch  them  together  to  produce  a 
unique  customer-service  application. 
Tim Hilgenberg, chief technology strategist for application development, Hewitt Associates:
The SOA will cause IT departments to become application integrators, rather than
application developers.


Keeping  watch  on  the  parts 

The IT job also will require carefully watching over vendors to make sure you can
meet the stringent uptime objectives inherent in a services orientation,
Hilgenberg adds. This is especially the case for companies that are kludging
together Web services from a variety of sources, many of which will be written or
hosted out of their direct control. In reality, these also will be out of the
direct control of their vendors, who will likely be buying their Web services
from third-party sources, as well. So the onus will become one of researching
vendors and their sources, and then monitoring those suppliers closely to ensure
that a three-times outsourced component doesn’t cause a failure across your
system. This is a big shift, as most companies today bring all pieces in-house
and keep track of them from there.

The fact that so much of your application will be out of your direct control
means that security work will be plentiful. True, security is already a major
role of the network staff, but its tasks will mutate and multiply until it
becomes a part of every technical role you supervise. Think about the task of
securing the network and your data when you can no longer cordon off critical
applications with passwords, and when bits of code are hosted on your vendors’
sites, as well. “Everything, theoretically, could be outsourced, but you will
still have to maintain internal expertise. You’ll still have to protect what
comes in and out of your enterprise. . . . That requires a big security skill
set,” Bacon says.

However, the requisite security expertise is anyone’s guess. Bacon says
application design and management, including security, will become a strategic
role. So if the day comes when all enterprise applications live via an SOA,
someone will need to perform the job of deciding what application components are
being used for what business purposes and how these components are being re-used,
where each is being hosted and so on.

The  job  of  business  liaison 

One of the more exciting new roles that will arise in the SOA world is “the
business liaison,” Ford’s Bone says. This job will entail working with business
to help define the technical and business processes that move the business toward
its goals. While IT has always performed this task to varying degrees, the SOA
will intensify the need for dedicated staff for it. For instance, people in this
role could work with customer-service managers to create a business process from
available technologies to improve customer-service response times. A business
liaison might be assigned to every line-of-business department. This is an ideal
spot for the best of all those soon-to-be unnecessary custom programmers, Bone
says.

“We’re seeing developers lean toward taking on business user roles. We’re seeing
people and competency go back and forth across that line — the line is blurring.
The SOA is going to blur it even more. Developers aren’t going to need to do a
lot of heavy coding. We’ll need those that can work with business customers more
around defining processes, defining integration technologies,” he says.

Of course, as more technology pervades everyone’s daily lives, techie knowledge
is hardly the sole purview of IT folks anymore. Business managers are already
learning about the applications out there that can help them, says Sandra Rogers,
IDC’s program director for SOA, Web services and integration. Some might even
think that these liaison jobs should be staffed from the business side of the
house, not with your staff. But, as Rogers points out, business managers don’t
know what they don’t know about technology. For instance, a business manager
won’t know about data modeling, integrating with automation tools, configuration,
performance optimization, security and a host of other technology best practices,
needs and procedures.

“It’s a danger to think that the business people, even in the short term, will
understand what the technology can do. It’s like black boxing. You don’t know
what’s really going on, dealing with expectations, debugging, propagation,
compatibility and what the system is trying to achieve. The business side is
going to find all of that very difficult,” she says.

Employers will increasingly need those who can marry technical expertise with
business acumen. If you haven’t already begun to look at your staff through the
SOA lens, make it your business to do so soon.


Evolving your skills for SOA

Change: Monolithic applications go away and application interfaces are standardized.
Skills to ditch: Application performance tuning, custom coding.
Skills to grab: Application and data assembly, more intensive vendor investigation and monitoring.

Change: Applications are housed in the network instead of the servers.
Skills to ditch: For the network people, nothing.
Skills to grab: Network performance tuning, application usage metrics, new application design principles.

Change: IT provides business processes, not a laundry list of technologies.
Skills to ditch: Break/fix management mentality.
Skills to grab: Business acumen, using technology to define and shape business processes.

Change: Bits and pieces of applications can be hosted anywhere, called from anywhere and used on a variety of devices.
Skills to ditch: The perimeter security mind-set.
Skills to grab: Creative security systems, security as part of every IT role.

A day at the races is just part of the job for Atique Shah, vice president of CRM
and technology solutions for Churchill Downs.

Horse racing’s CRM guru


BY  BETH  SCHULTZ 


Ati  .ie 


Shah  isn’t  much  of  a  betting  man,  but  as  vice  president  of  CRM  and 
technology  solutions  for  renowned  horse-racing  operation  Churchill 
Downs,  he’s  placed  his  money  on  a  CRM  trifecta  —  analytical,  collaborative  and 
operational  systems. 

But first, Shah quips, he had to figure out what “trifecta” and other horse-racing lingo meant. Shah joined CDI in December 2003 as his next step in a long and varied IT career with entertainment, retail and sports companies. But he was clueless about horse racing.

“When I looked at the data for the first time, I had no idea what the heck it meant. It was telling me somebody comes five times a day and does a quinella. ‘A quinella — what is this?’” he remembers with a booming laugh.

Now Shah, showing a visitor around the Churchill Downs track in Louisville, Ky., where his office is housed, comes off as an old pro. He talks of the recently run Kentucky Derby and Oaks, explains the racetrack’s soil composition, points out the building’s landmark twin spires and shares the architectural history of the recently renovated 130-year-old venue, all while speaking fluently in horse-racing parlance. A native Saudi Arabian who lived for years in New York and Philadelphia, Shah has even come to relish Louisville’s signature Kentucky Hot Brown sandwich, minus the bacon, served in a track-side cafe.

Highlights of Shah’s track tour are the stylish, large flat-screen Gateway monitors affixed on walls everywhere, from the ritzy private corporate suites high atop the track to the sprawling main floor where the general public bets. No race shall be missed. Even diners at the track’s luxury restaurants have tabletop screens for their viewing pleasure.

Churchill Downs exudes a high-tech feel — and that says a lot for a horse-racing venue. Traditionally, Shah explains, the horse-racing industry viewed IT as only a support function because “nobody had looked to IT as a revenue stream.” But that has started to change. “People here have begun to understand the value of IT,” he says.

CDI executives have come to this understanding through their efforts to improve branding and attract more customers. For as clueless as Shah had been about horse racing before he joined the company, CDI had been nearly so about how to draw more customers to the seven tracks and nine off-track betting facilities it operates in the U.S. Having exhausted its advertising, promotional and mass-marketing channels, CDI began strategizing on ways to improve its customer outreach, Shah says. Investigating the CRM buzz they had heard, CDI executives decided to consider new interface options for the wagering platforms and to create a more interactive Web presence. They hired Shah and committed to technology investments.

That landed Shah with a $6.5 million fund for capital investments and an operating budget of “a couple of million.” He began picking his team in March 2004. Over the next three months, he brought on a staff of 12, including a senior director of IT who also is the CRM project manager. He then began investing in CRM and infrastructure products.

His first focus was on analytical CRM, which he needed to gain customer intelligence. Shah came to discover that CDI had 27 unique, rich data sources from which he could cull information. Once he had an understanding of customer data, he zeroed in on collaborative CRM, which provides the ability to cross-sell and up-sell to customers through e-mails or from the Web. CDI’s collaborative CRM systems went live last month. Work on CDI’s call center, ticketing and other operational CRM systems will come later this year.

Shah’s CRM and IT investments include Epiphany’s CRM suite (AnalyticalPlatform, Real-Time Application, Campaign Management System and ContactCenter Application); IBM’s integration software (Data Stage, Data Quality and Data Profile, formerly from Ascential); SPSS predictive analytics software (Capri, Clementine 8.5, MR Interview, NetGenesis, SPSS’ Base 11.0); Gateway PCs and enterprise hardware; Oracle for data warehousing; Sun Enterprise Servers; Percussion Software Web content management software and EDS hosting services.

A pragmatist, Shah crafted exclusive partnerships with vendors willing to forge a business relationship with CDI rather than just sell products to it. “We’re a sports and media entertainment company with exposure on NBC, ESPN, Fox, etc. I can leverage that to bring new exposure for vendors, if they’re willing to invest in a mutually beneficial relationship,” Shah says.

For example, Gateway made an investment in Churchill Downs through which its brands get exposure at the racetrack, Shah says. “You can see that relationship has helped us by enhancing the experience of the customers who walk in the door — and at the end of the day, that’s what this is all about,” he says. “This is not about having a cluster of databases on the back end or that I’m running a Sun Enterprise 10000. That’s great. But nothing is more exciting than seeing smiles on customers’ faces, and hearing them say, ‘Wow, this is pretty cool.’”
■ As FreshDirect CTO, Myles Trachtenberg combines a love of technology with the joy of good food.

An e-comm taste-tester

The best part about being CTO at online grocer FreshDirect is “product development,” says Myles Trachtenberg with a grin. “Product development — aka having taste treats every so often,” he adds while handing a visitor a slice of apple-cranberry pie. Delicious as it is, the pie is still “under development.”


FreshDirect doesn’t kid around when it says “It’s all about the food.” Sure, the company manufactures and distributes a wide variety of fresh foods to people in the New York metropolitan area who order the groceries online, but food is more than that to the company. It’s in the DNA of the place, from the occasional barbecues in the street, to the ice-cream truck that keeps the manufacturing plant on its route, to the photos of pears, grapes and cheese that hang in the lobby of the administrative building.

Four-year-old FreshDirect isn’t shy about its innovative approach to the age-old grocery business. The company’s bright yellow manufacturing plant stands out from an industrial area of Long Island City like a ripe banana. A massive electronic billboard — the largest of its kind in the U.S. — juts from the rooftop and flashes 65-foot-high images of fresh produce at motorists approaching the Queens Midtown Tunnel.

The plant shuts down only a couple days of the year. Otherwise, the operation runs 24/7 — an IT infrastructure overhaul that Trachtenberg undertook last year makes sure of this.

A 15-year IT veteran, Trachtenberg joined FreshDirect in November 2003, charged with making sure that customers complete their orders at freshdirect.com. FreshDirect didn’t want shoppers to become frustrated by long wait times or site outages and ditch online ordering in favor of walking down to their corner grocery stores.

Trachtenberg fulfilled that mission, bringing average response times to less than 1 second. He accomplished this while saving $1.2 million in software licenses, service and hardware costs.

Moving from a set of Sun Solaris servers to an Egenera BladeFrame made up of two-way server blades running Linux and VMware virtualization software helped Trachtenberg garner such savings. VMware lets FreshDirect create up to four virtual servers on each blade, with a total of 46 virtual servers today. These virtual servers are divided into two clusters — one supports the live Web site, and the other is “dormant.” Site enhancements are implemented on the dormant side then phased over to the live side as new customers connect to the servers.

“We have a very dynamic business, where we’ve got new products, new prices, different promotions — and I never shut down the Web site,” Trachtenberg says.

This represents a dramatic shift from the previous two-and-a-half years of the operation, where any changes to the site were done in a five-hour window — between 1 a.m. and 6 a.m. — during which the IT department shut down the site, rebuilt the platform, validated it and got it back into production.

Now  FreshDirect  can  make  a  graceful  transition  within  a  90-minute  window 

See  Where,  page  66 


BANTAM INSTRUMENTS

BANTAM INSTRUMENTS, founded in 1997, is a leading manufacturer of handheld WLAN Spectrum Analyzers for use in site surveys and system monitoring. Coverage is provided for both the 2.4 and 5 GHz bands using true spectrum analyzer technology rather than WLAN cards. Antennas plus data capture and logging software are included.

408-736-3030  •  www.BantamInstruments.com 




Robert  A.  Milford 
Chief  Software  Architect 
Dorian  Software 
Creations,  Inc. 


Robert A. Milford seeks to simplify network security and compliance needs with easy-to-use software developed from the perspective of the administrators who face such challenges daily. Founded in 1997 with its flagship product Event Archiver, Dorian provides comprehensive event log management (SEM) software and other solutions to leading companies globally.
678-222-3443  •  www.doriansoftware.com 


Luis  E.  Fiallo 

Managing  Director  of  Marketing 
&  Corporate  Development 
China  Telecom  USA 

China  Telecom  USA,  the  wholly  owned  subsidiary 
of  China  Telecom,  provides  products,  services  and 
technical  expertise,  including  a  full-range  of  China 
domestic,  China-US  and  international  voice,  data  and  IP  products  and 
services  to  North  American  companies.  China  Telecom  USA  maintains  a 
comprehensive  portfolio,  which  meets  all  business’  telecommunications  needs, 
from  local  loops  to  complex  international  circuits  and  value  add  services. 
866-692-8872  or  703-787-0088  •  www.chinatelecomusa.com 


Marc Randall
CEO & President
Force10 Networks

Force10 Networks is the pioneer in high performance switching and routing. Based on a revolutionary system architecture that delivers best-in-class resiliency and massive scalability, Force10’s TeraScale E-Series switch/routers ensure predictable application performance, increase network availability, and reduce operating costs. Today, many of the world’s largest Gigabit Ethernet and 10 Gigabit Ethernet networks depend on Force10 Networks. For additional information, please visit the company’s website at www.force10networks.com.

866-571-2600 • www.force10networks.com


Scott  Schober 
President  &  CEO 
Berkeley  Varitronics 
Systems,  Inc. 


BVS has been in the wireless industry for 34 years designing and manufacturing wireless test equipment that excels in identifying, simulating and locating various forms of RF interference in CDMA, TDMA, CW and 802.11 Wi-Fi applications.


732-548-3737  •  www.bvsystems.com 


Ipswitch,  Inc. 

Ipswitch Collaboration Suite (ICS) provides e-mail and real-time collaboration, calendar and contact list sharing, and protection from spam and viruses, all delivered in an easy to use suite designed for small- and medium-sized businesses. ICS is a set of comprehensive collaboration tools based on e-mail, the lifeblood of corporate communication.

781-676-5700  •  www.ipswitch.com 


Daniel  Dalarossa 
CEO  &  Co-Founder 
Cyclades  Corporation 

Cyclades, the leader in next-generation IT infrastructure management, offers the AlterPath™ family of products that provide secure alternate paths into the production IT infrastructure, enabling remote access to disconnected assets. AlterPath solutions include console servers, KVM and KVM over IP, power control, IPMI Management, and a manager to control the entire out-of-band infrastructure.
888-292-5233/510-771-6100  •  www.cyclades.com 




Bill  Johnson 

VP,  Marketing 
Kall8 


Kall8  is  a  hosted,  switch-based  (PSTN)  toll-free  number  service  that 
includes  all  the  features  expected  of  a  VoIP  solution,  without  the  pitfalls 
of  IP  telephony.  In  one  service,  Kall8  offers  voice  mail,  inbound  faxing, 
real-time  call  detail,  online  tracking  tools,  custom  routing,  call  blocking, 
conferencing,  call  recording  and  more. 

866-222-1818  •  www.kall8.com 


All  efforts  have  been  made  to  make  this  listing  as  complete  and  accurate  as  possible.  Network  World  is  not  liable  for  errors  or  omissions. 
— during the middle of the day — without taking the site down.

“My people can preserve their lives; they’re not up at all hours of the night,” Trachtenberg says of his 43-member team. “Also, I can be very responsive to the business. I don’t have to wait a good 24 hours before something new can be seen on the site.”

Helping with the response time is a pair of NetScaler load balancers. These application accelerators intelligently balance loads among servers based on how taxed those servers are. Plus, they cache content and accelerate SSL transactions to speed the process further.

Once the orders are in and paid for, the data goes from the virtual storefront (at a collocation point in downtown New York) to FreshDirect’s 300,000-square-foot facility.

The company uses Oracle Spatial software to determine the location of customers, down to units in an apartment building. Orders are organized by RouteSmart Technologies’ logistics software, which determines how to best organize the food orders based on the locations of the recipients.

The data then goes into an SAP production system, which sends meat orders to the butcher’s touchscreen. The butcher cuts, wraps, bar codes and sends the meat down a conveyor belt. The process is repeated for all the departments, and conveyors lead to a sorting area where employees assemble boxes of groceries based on what the system instructs.

Meanwhile, the transportation department watches how delivery zones and time slots are filling up, and then adjusts capacity on demand in real time. If there’s an area where there are more orders coming in, a larger truck can be used, for example.

In all, FreshDirect produces more than 1 million items a week among 30,000 orders.

To do that takes a really diverse team, and Trachtenberg marvels at the variety of people he works with on a daily basis — butchers, bakers, truck drivers, warehouse personnel, software developers, marketers and a nutritionist. A rabbi comes in during the kosher food preparations.

In the end, though, a conversation with Trachtenberg always comes back to the food.

“This past weekend, I had the most amazing T-bone,” he says. “It was just ridiculous. It was 2 inches thick. It took probably 30 minutes to cook this thing. It was phenomenal. You have to try our meat here.”
■ As IT director for the Make-A-Wish Foundation of America, Jim Toy lives a dreamy job.


Making  wishes  come  true 


BY  JULIE  BORT 

Perhaps Jim Toy’s destiny was to become a child’s wish maker. In his 10 years as IT honcho for the nonprofit Make-A-Wish Foundation of America, Toy certainly has fulfilled that role. Laid-back and soft-spoken, the 36-year-old New Jersey native has helped the Phoenix-based foundation grant some 90,000 wishes to severely ill children in the U.S.

The Make-A-Wish Foundation has 45 chapters and averages 11,000-plus wishes a year (and has granted about 120,000 since its inception 25 years ago). Toy and his staff of five operate the 15-server network, in-office wireless LAN and half-dozen critical databases that support the chapters. More importantly, IT staffers use their creative energies for a wide variety of fund-raising projects. They design countless custom Web applications for sponsors, as well as write the foundation’s mission-critical applications, such as WishMaker Pro, a secure Web database application built on Microsoft SQL that tracks the details of even the most complex wish, and Wish Cafe, a wish-tracking database.

“What I love about my job is that no two days are the same — there are always new projects, new sponsors, new creative ideas for benefiting Make-A-Wish,” Toy says.

He also enjoys the can-do attitude that permeates the organization, from its people to its sponsors. For instance, Toy is embarking on a project to build a custom credit-card ordering application to interface with Bank of America’s security systems. Among other functions, the interface will enable Make-A-Wish chapters to give families prepaid, co-branded credit cards for wishes involving a shopping spree or other expenditures. Toy’s interface work is necessary because Bank of America’s security systems are not designed to allow the kind of ordering procedure that Make-A-Wish will need, in which one person orders the card, payment comes from somewhere else and it ships to yet another address. “Typically, sponsors will go a long way to do as much as they can do, but rarely is there a project where IT is not involved,” he says.

Toy, a self-described “network guy,” loves such challenges. He is an IT executive Everyman operating without the kind of budgetary support his corporate counterparts enjoy. Toy is responsible for hiring and supervising the IT staff, strategic IT planning and hands-on network management. He’s also the guy sent pounding the streets for donations of the IT equipment he needs (or negotiating inexpensive rates for them) — an aspect of the job he has grown to enjoy. “The first time my boss asked me to see if I could get the equipment I needed donated, I didn’t like calling and asking at all. But people hear the Make-A-Wish name and really come through, and now I love it. It doesn’t matter if it’s a $150 piece of software or a $50,000 worth of hardware, people are as generous as they can be.”

Even with deeply discounted rates, big IT projects require Toy to secure grant money, which he did for the $100,000 project that refreshed PC technology officewide, completed three months ago. Through this project, Toy and his staff upgraded more than 70 PCs from archaic 400-MHz machines to sleek Dell Optiplex GX 280s with flat-screen monitors and multimedia CDs.

Besides the state-of-the-art PC and server technology, custom Web and data applications, Toy manages a 24/7 network complete with two wireless 802.11b routers. He also supports videoconferencing. Video has become standard for meetings with remote office staff, which include a person posted in Los Angeles orchestrating wishes involving celebrities, and one teleworking from Hawaii.

And he’ll still do anything else needed of him. He’s even been known to perform telephone break/fix support for hand-wringing office managers in far-flung chapters (although one position on his staff is help desk). “This position is really hands-on. I enjoy doing a lot of the networking maintenance,” he says. And because he’s good with a screwdriver, he once was called in as a pinch-hit assembly man for a Barbie Jeep, “when the local chapter picked it up at the last minute and couldn’t get it together,” he recalls. He does his fund-raising part, too, preferably on his Harley. He joins in the local club’s annual fund-raising event, Wednesday Ride for Wishes, and takes part in an annual 250-mile ride.

Toy feels an affinity for the organization that goes deeper than a job he enjoys. As a boy, he dreamed of being a police officer. He lived his dream by serving for nearly a decade as a part-time reserve officer in Tolleson, Ariz., while holding down his daytime IT job. Make-A-Wish, too, was founded on a child’s dream to be a policeman. A quarter-century ago, 7-year-old Christopher Greicius, suffering from leukemia, had his day as an honorary Arizona highway patrolman, complete with a specially sewn, authentic uniform and tiny helmet. Greicius died a few days later, and the officers involved were so moved by the experience that they, along with the Greicius family, founded Make-A-Wish.

“The mission of the organization is a big pull for me,” Toy says. “It gives me a real sense of satisfaction. I thrive on that urgency and the creativity here. The ideas for wishes are phenomenal.”


SHARE GIGS OF CONFIDENTIAL INFORMATION ON THE INTERNET AND IT WON’T BE CONFIDENTIAL FOR LONG.

More data to manage typically means more reason to worry about security and accessibility. But with Ipswitch’s industry-leading FTP solutions, users can easily and fearlessly transfer files without compromise. Designed specifically for small- and medium-sized businesses, Ipswitch WS_FTP Professional and Ipswitch WS_FTP Server feature easy set-up and straightforward data management. It’s data management made simple.

Ipswitch WS_FTP Professional.

Ipswitch WS_FTP Server.

It just works.

Visit www.ipswitch.com to download a 30-day free trial.
Chris Humphrey
Vice President of Marketing
Lantronix

Lantronix is a leader in secure remote management and device connectivity solutions. Our products enable users to remotely manage data center equipment from anywhere, even if networks are down. With nearly two decades of experience, Lantronix is a one-stop shop for technologists who design, manage and administer IT equipment.

949-453-3990  •  www.lantronix.com 


Douglas Smith
President & Co-Founder
Network Instruments, LLC

Network Instruments is the industry-leading developer of distributed, user-friendly and affordable network management, analysis and troubleshooting solutions. The award-winning Observer family of products combines a comprehensive management and analysis console with high-performance probes and network TAPs to provide integrated monitoring and management for the entire network (LAN, 802.11 a/b/g, gigabit, WAN).
800-526-7919  /  952-358-3800  •  www.networkinstruments.com 


Layton  Technology,  Inc. 

Layton Technology is a global developer of IT auditing and helpdesk software solutions. Our Windows-based suite of products enables companies to manage and internally support their technology assets enterprisewide to ensure compliance and operate more cost-effectively. Today, more than 15,000 companies worldwide use AuditWizard™ either alone or in combination with our value-added software modules and services, including our Web-based Help Desk solution, HelpBox™.

813-319-1390  •  www.laytontechnology.com 
Postini, Inc.

Postini,  the  global  leader  in  secure 
e-mail  boundary  services,  prevents 
e-mail  threats,  enforces  policy 
compliance,  and  improves  e-mail  manageability.  Postini’s  patented  preEMPT 
technology  eliminates  spam,  viruses,  phishing,  and  other  threats  before  they 
can  ever  reach  your  network. 

650-482-5130  •  www.postini.com 


Noam  Lotan 
President  &  CEO 
MRV  Communications,  Inc. 

Founded in 1988, MRV Communications provides leading edge Enterprise solutions — Secure, Advanced Accessibility for your Network. Our media cross connect physical layer switch and secure, remote console server solutions provide you with infinite flexibility and ease in managing your network. We also provide a broad range of media converters, optical transport WDM systems and optical switches.
818-773-0900  •  www.mrv.com 




Dr.  Ching-I  Hsu 
Chairman  &  CEO 
Raritan 


Raritan is a leading provider of products for managing IT infrastructure. Raritan’s highly reliable and responsive IT management solutions enable companies to proactively monitor and manage system health and vulnerability, as well as troubleshoot, access and repair faults from anywhere, at anytime. This simplifies and accelerates data center work processes — improving service uptime and staff productivity.

800-724-8090  •  www.Raritan.com 


Dave  Auwarter 

CEO 

NetSupport,  Inc. 

Specializing  in  software  to  manage  and  support  Local  and  Wide  Area 
Computer  Networks,  NetSupport’s  products  are  utilized  on  more  than 
7  million  desktops  throughout  50  territories.  NetSupport’s  award-winning 
products  include  NetSupport  Manager  Remote  Control  and  PC  Management, 
NetSupport  DNA  Enterprise  IT  Asset  Management  and  NetSupport  School 
classroom  instructional  software. 

770-205-4456  •  www.netsupport-inc.com 


Jerry  M.  Kennelly 
CEO  &  President 
Riverbed  Technology,  Inc. 

Riverbed  solves  WAN  application  performance  and  file-sharing  problems 
for  companies  all  over  the  world.  Riverbed  appliances  accelerate  applications 
by  up  to  100  times,  and  expand  bandwidth  ten-fold,  allowing  geographically 
dispersed  teams  to  run  applications  off  central  servers  and  share  large  files  as 
if  they  were  all  working  in  the  same  office. 

415-247-8800  •  www.riverbed.com 
David Rahvar
General  Partner 
Rose  Electronics 

Recognized as the pioneer of KVM switch technology, Rose Electronics offers the industry’s most comprehensive range of server management products such as KVM switches, KVM extenders, KVM drawers and KVM over IP solutions. Rose Electronics products are known for their quality, scalability, ease of use and innovative technology.
800-333-9343  /  281-933-7673  •  www.rose.com 


Anders  Gustafsson 
Chief  Executive 
Spirent  Communications 

Spirent Communications is a global provider of integrated performance analysis and service assurance systems that enable the development and deployment of next-generation networking technology such as Internet Telephony, broadband services, 3G wireless, and network security equipment. Spirent’s solutions are used by more than 1,500 customers in 30 countries, including the world’s largest equipment manufacturers, service providers, enterprises and governments.
800-927-2660  •  www.spirentcom.com 


Sensaphone 

The new Infrastructure Monitoring System IMS-4000 has built-in features to monitor network environment and IP devices, automatically sending alarm messages to remote personnel. This unique scalable system can protect networks of all sizes and complexities. Its data logging feature provides full event history and an audit trail allowing managers to store critical information plus detect alarm occurrence.

877-373-2700  /  610-558-2700  •  www.sensaphone.com 


Stratton  Sclavos 

CEO 

VeriSign 

VeriSign  operates  intelligent  infrastructure  services 
that  enable  businesses  and  individuals  to  find, 
connect,  secure  and  transact  across  today’s  complex 
global  networks. 

650-961-7500  •  www.verisign.com 


Server  Technology,  Inc. 

Server Technology, Inc. is a worldwide leader in providing Solutions for the Data Center Equipment cabinet with its line of Sentry Cabinet Power Distribution Units. Combine single or three-phase power distribution with power monitoring via IP, environmental monitoring and remote control of switched power outlets in remote data center cabinets.

775-284-2000 • www.servertech.com


Iain  Milnes 

President 

Zultys  Technologies 

Iain Milnes is a serial entrepreneur who founded Zultys Technologies in October of 2001. Zultys produces IP telephony media exchanges, phones, and peripherals, winning global awards for the best in modern VoIP technology. The company employs over 200 people, has distribution in 114 countries and its own branch offices in ten countries.

408-328-0450  •  www.zultys.com 


Ramesh  Sheth 

President 
S.I.  Tech 

S.I. TECH is a leading manufacturer of Fiber Optic Communication products, established in 1984 in Geneva, IL, a western suburb of Chicago. The company offers high quality, high reliability products for enterprise, industrial, government, military and educational connectivity needs. Products are available worldwide under BITDRIVER trade name. Company is ISO 9001-2000 registered and products are UL/CSA/CE listed.

630-761-3640 • www.sitech-bitdriver.com


“I come up with far-out
ideas,  and  I  need  to 
have  them  validated.” 


Your  blogs  combine  the 
personal  and  the  professional 
to  find  the  better  you. 
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Weblogs, 


everyone from the local banker to the
grandma next door is writing one, and net*
exception. You blog about work, family, games,
d causes, all from that particularly network
;w, where posts about database system wars


rabble-rouser 

For James McGovern, a 37-year-old enterprise
architect for a Fortune 100 company in Hartford,
Conn., blogging is a way to secretly escape the
sometimes stifling corporate culture in which he
labors. His blog, "Thinking Out Loud: Thought
Leadership from an Enterprise Architect," at
blogs.ittoolbox.com/eai/leadership, is the perfect
place for McGovern to take a virtual step out of his
office  and  get  a  reality  che  / 

"In  a.  corporate  environmer 
responses  o-  ,-©i  r  it  e  L,  In  the  blog< sphered*  your  images 
v  .  f  sucks,  people  will  tell  you  very  honestly'  agt 
what they think," McGovern says. "I come up with
far-out ideas, and I need to have them validated."
This honest and relevant feedback is, in part, why
McGovern chose to host his blog at ITtoolbox.com,
a site that caters to the IT professional, eliminating
the randomness of other blog hosting sites. "I know
I'm not the only one thinking about things like
compliance," he says.

"  The  father  ot  two  young  children  and  a  faing  fu  pr-ograi 
movie  addict.  McGovern  sees  blogging  as -a  "pro-  nation; 
gresxivetc®rthat helps hinMo higfob  better;  But  ho  .sectnit 


that  involves  a  lot  of  conceptual  and  s  mire  ...  .. 
tere  is  ?thin 

own  hands  to  produce  a  tangible  result,  he  writer 
;rm<  jinits  that  ■  ggin 

’'Tl.e  time-signatures  [are  often |  midnight  or  1  Win. 

r  )i ne  crazy  h< nir  w bei i  the  kids,  rav 

bed  and  everything's  calmed  down.  Ill  be  sitting 

there  watching  TV  or  readius.  a 

across  a  good  idea  and  start  blogging  at  x mt  it. and 

suddenly  it's  a.m.,"he says/  My  wife  calls  bersdt  a 

bloggil  ig’  wi(  low. 

Berman  also  sees  his  blog  as  a  legacy  tor  his  kids 
and  would  have  loved'  such  a  re<  ?itf 
father  or  grandfather.  "I  wish  I  c<  ild 
insight  into  what  made  th<  m  tick, 
about,  how  they  thought  and  wh. 
thev  would  have  had  for  me/ ho  says. 

That  Irk  rgging  about  chess  u  it  in  umvc  ft  is  iv*  >1 

earl  lead  to  better  job  pertonnaii 
Berman..  "I  in  looking  U  >  I  >t'<  rack  mi  n 
ing/ and  il  the  six  to  lb  hours  .spt  it  blur; 
week  can  improve  the  10-plus  hours 
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g  the  best  answer.  Ihevre  getting 
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The  Next-Generation  IT  Infrastructure 

Cyclades  AlterPath™  System  is  the  industry's  most  comprehensive  Out-of-Band 
Infrastructure  (OOBI)  system.  The  AlterPath  System  allows  remote  data  center 
administration,  eliminating  the  need  for  most  time-consuming,  remedial  site 
visits.  When  fully  deployed  in  your  data  center,  Cyclades  AlterPath  System  lowers 
the  risks  associated  with  outages,  improves  productivity  and  operational 
efficiency,  and  cuts  costs. 

Each  component  of  the  AlterPath  System  is  designed  to  seamlessly  integrate 
into  the  enterprise,  able  to  scale  in  any  direction.  Whether  you  need  serial 
console  management  of  networking  equipment,  KVM  for  access  to  Windows® 
servers,  branch  management,  IPMI  or  HP  iLO  for  service  processor 
management,  or  advanced  power  management,  the  AlterPath  System  delivers. 
Cyclades  brings  it  all  together,  making  OOBI  administration  seem  like  child’s  play. 


Over 85% of Fortune 100
choose Cyclades.

www.cyclades.com/nw

1.888.cyclades • sales@cyclades.com


cyclades 
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The  Ultimate  Network  Management  Tool 


The  Smartest  Tester  in  the  LAN 

Network installers and IT professionals need better
tools  to  keep  their  systems  working  at  peak  efficiency. 

LanScaper  Network  Tester  is  the  first  network  management 
device  to  combine  the  capabilities  of  a  world-class  cable  tester 
with  advanced  abilities  to  monitor  and  correct  network  problems 
connected  with  physical  layer  and  link  conditions. 

Just see what LanScaper™ can do for your network...

•  Conducts  link  tests  to  id  speed/capabilities  and  activity  of  network  drops 

•  Verifies  functional  speed  capability  of  terminated  unconnected  cable  runs  by  sampling  data 
packets  between  two  LanScaper™  units,  which  exercises  the  run  and  reports  the  result 

•  Identifies  port  service:  POTS,  Ethernet,  ISDN,  Token  Ring,  etc. 

•  Pings  network  devices  to  verify  connections  and  ip  addresses 

•  Automatically  accesses  DHCP  hosts  and  obtains  network  information 

•  Tests  cabling  configuration  and  verifies  connectivity  and  length  of  run  while  conducting  tests 
for  opens,  shorts,  miswires,  split  pairs  and  reversals  per  TIA568  interconnect  specifications 

•  Identifies  hubs,  NIC  or  auto  mdi/mdi-x  devices 

•  Blinks  HUBS  to  ascertain  connected  configuration 

•  Displays  advertised  network  speed/duplex 

•  Measures  and  reports  any  voltage  on  lines 

•  Reports  legacy  “Phantom  Power”  conditions 

•  Wiremaps  network  connections  with  remote  identifiers 

•  Generates  multiple  tone  levels  for  signal  tracing  and 
cable  identification — NT750 kit  includes  free  tone  tracer 


LanScaper™ comes in a complete kit:
everything you need to test, trace and
tune your network system.

Only $429.85 for the NT750

We Make It in the USA


Test-Um  Inc. 

The  Intelligent  Test  Solutions  Company 


805-383-1500  •  fax  805-383-1595 
www.test-um.com  •  sos  calle  plano  •  camarillo,  ca  93012 


SERVERS  WITHIN  YOUR  REACH 
FROM  ANYWHERE 


LOCAL  OR  REMOTE  SERVER  MANAGEMENT  SOLUTIONS 


UltraMatrix™ 

Remote 


KVM  OVER  IP 


MATRIX  KVM  SWITCH  WITH 
INTEGRATED  REMOTE  ACCESS  OVER  IP 


• System-wide connectivity over IP worldwide and locally
• Connects 1,000 computers to up to 256 user stations
• Supports PC, Sun, Apple, USB, UNIX, serial devices
• High quality video up to 1280 x 1024
• Secure encrypted operation
• View real-time video from 4 computer connections with
quad-screen mode


The UltraMatrix Remote represents the next generation in KVM switches with IP access. It
provides a comprehensive solution for remote server access over IP and local as well.

KVM RACK DRAWERS WITH KVM SWITCH OPTION

RackViews offer the latest, most efficient way to organize and streamline your
server rooms and multiple computers.

The RackView is a rack mountable KVM console neatly fitted in a compact pull-out
drawer. This easy-glide KVM drawer contains a high-resolution TFT/LCD monitor, a
tactile keyboard, and a high-resolution touchpad or optical mouse.


UltraMatrix™ E-series KVM SWITCH

PROFESSIONAL MULTI-USER KVM SWITCH

2 - 4 KVM STATIONS TO 1,000s OF COMPUTERS

• PC or multi-platform (PC/Unix, Sun, Apple, others)

•  On-screen  menu  informs  you  of  connection  status  between  units 
in  an  expanded  system 

•  Powerful,  expandable,  low  cost 

•  No  need  to  power  down  most  servers  to  install 

•  Security  features  prevent  unauthorized  access 

•  Free  lifetime  upgrade  of  firmware 

•  Video  resolution  up  to  1600  x  1280 

•  Available  in  several  models 

•  Easy  to  expand 

The UltraMatrix E-Series represents the latest in KVM matrix switch technology, at an
affordable price. The E-Series allows you to connect up to 256 user stations to as many as
1,000 computers. The UltraMatrix E-Series is available in several sizes: 2x4, 2x8, 2x16,
4x4, 4x8, 4x16, 1x8, and 1x16 in either PC or multi-platform.


XtendVue  RackView 

Vertical  Rack  mountable  LCD  Fold-Forward 

With Built-in KVM Extender


RackView 

Fold-Back 


RackView 
LCD  Monitor 


RackView 

Keyboard 


ROSE US: 281 933 7673
ROSE EUROPE: +44 (0) 1264 850574
ROSE ASIA: +65 6324 2322
ROSE AUSTRALIA: +617 3388 1540


800-333-9343

WWW.ROSE.COM


ELECTRONICS


Aluminum  Cabinets  provide  protection  against  dust,  moisture,  and  EMI 

The new Form 4 range of rugged aluminum cabinets from
Optima EPS has been designed to provide reliable protection
to UL-508 Type 12 specifications, as well as offering
options for up to 100dB of EMI attenuation. The cabinets
are easily customized to suit the required height, depth,
and width, including 19" and 24" widths.

The combination of Nema 12 protection and RFI shielding
in a low weight cabinet makes the Form 4 cabinet suitable
for a wide range of applications, such as computer
simulation, test and measurement, industrial control, and
computer storage installation. For maximum flexibility, the
reinforced doors are field-reversible and open 122 degrees
for access, with concealed hinges and multipoint locking
for security and clean lines.


We  deliver  customized  19-inch 
cabinets  in  just  2  weeks 

Every electronic system is different, so
it's not surprising that standard 19-inch
cabinets don't always offer the ideal system
packaging. That's why Optima has introduced
the Custom Cabinet 14 service:
customized cabinets delivered to your door
in just 14 days.

You decide where you want the holes and handles. How many shelves you need. Where
the doors should be. And what accessories you want. Then we put it together - fast.

So, with the Optima EPS Custom Cabinet 14 service, you don't have to keep space
hungry, expensive inventory, because your ideal cabinet is just 2 weeks away.


Wall-mount swing frame suits both electrical wiring and
19" electronic equipment applications.

Optima EPS announces the launch of a versatile range
of wall-mount swing frame cabinets, designed to
suit both electrical wiring and electronics applications.
Locks to the rugged front and rear doors
permit the whole frame to clear the wall to simplify
installation and maintenance for electrical
contractors and manufacturing, instrumentation,
and automation applications. The Frame is designed
to accept standard 19" racks and fittings,
as well as electrical components, and is available
in a range of colors and six standard sizes from
23" x 14" to 48" x 20".


Cabinet  Passes  NEBS  Level  4 


This range of 19" and 24" wide cabinets uses
welded aluminum construction to provide
lower weight NEBS compliance for seismic
regions. Heavy-duty aluminum extrusions
are combined with a seven-gauge steel base to
provide a rugged floor-mounting design able
to resist shock, bending and vibration stresses.
The cabinets are designed for deployment in
earthquake-prone areas to Zone 4, and comply
with Bellcore TR-63/ANSI-329, suiting applications
in defence, rack-mount computers,
manufacturing, and telecom.



If  we  can  do  this  then  your  server  application 
is  safe  with  us! 


Custom 


NEBS  Compliant  Seismic  Cabinet 

Optima's rugged design is the earthquake and vibration resilient
foundation you need to securely protect and support your equipment.
Our knowledge and design experience has enabled us
to manufacture over 5000 seismic hardened cabinets which are
installed in Zone 4, NEBS Compliant infrastructures worldwide!

Our vast product range and our ability to customize cabinets,
consoles, and instrument cases make Optima the ideal choice for
all your enclosure needs.

Visit  us  at  www.optimaeps.com  to  find  out  more 
or  call  us  today  on  770-496-4000 


Commercial 

Telecom 

Seismic 

EMC 

Desk  Systems 
Instrument  Cases 
Accessories 


Optima  EPS 

Cabinets  &  Enclosures 

An ELMA Company


Control Power on Any AC
Powered  Device ... 

Via  Web  Browser,  Telnet, 
Modem  or  Local  Terminal 

Servers,  routers,  and  other  electronic  equipment  occasionally 
"lock-up",  often  requiring  a  service  call  to  a  remote  site  just  to 
flip  the  power  switch  to  perform  a  simple  reboot.  With  WTI's 
Remote  Power  Switches,  you  can  perform  reboot  and  On/Off 
control  from  anywhere! 

Web  Browser  Access  for  Easy  Setup  and 
Operation 

Encrypted  Password  Security 

Dual  15  Amp  Power  Circuits 
Total  30  Amps  Maximum  Load 

115 VAC and 230 VAC Models
Up to Sixteen (16) Individual Outlets
RS232  Modem  /  Console  Port 
Network  Security  Features 
Power-Up  Sequencing 


Web Browser Interface


Yes, We are Customer Friendly!

✓ Two Year Warranty

✓ We Stock for Same Day Shipment

✓ 30 Day Return Policy

✓ Call or Email for an Online Demo


Dual Power Inputs


Model 

NBB-1600 

www.wti.com 


western  telematic  incorporated 

5  Sterling  •  Irvine  •  California  •  92618-2517  •  (800)  854-7226 


Beat  Your  Budgets  With  A  Lease 

(or  ADD  to  existing  leases!) 


NO  CHARGE  for  3D  drawings  of  your 
room/site.  We  just  need  the  dimensions 
of  the  room  along  with  an  equipment  list. 

QUICK  SHIP  We  ship  within  5  business 
days  of  order  receipt. 


We  accept  VISA,  Mastercard,  and  American  Express 

For  specs,  please  check  out  our 

The  Salix  Group  •1.800.668.9319  •  www.salixgroup.com 

G.S.A  Approved  (GS29F0269H)  Standing  offer  -  E60PS-0-0035/Q03/PS 


CDI  offers: 

• Hardware encryption over dial-up
and network connections
• RSA certified SecurID authentication
without a network
• Patented central management of all
remote devices


Full  NIST,  FIPS  140-2  certifications 

Remote  Power  control 

Homologous  world-wide  approved 
internal  modems 


CDI  has  been  building  encryption  equipment  for  over  fifteen  years.  Our  customers  and  partners  include 
major  financial  institutions,  government  agencies,  major  telcos,  utilities,  and  the  United  States  military. 


Communication  Devices  Inc. 
^H.outofbandmanagi^^Hom 


INSTRUMENTS 


OBSERVER" 


How  much  can  your  network  analyzer  see? 

Observer  is  the  only  fully  distributed  network  analyzer  built  to 
monitor  the  entire  network  (LAN,  802.11  a/b/g,  Gigabit,  WAN). 
Download  your  free  Observer  10  evaluation  today  and  experience 
more  comprehensive  real-time  statistics,  more  expert  events, and 
more  in-depth  analysis  letting  you  dive  deeper  into  your  network 
than  ever  before.  Choose  Observer. 


- DANGER - Guard against the latest network threats by identifying
and isolating infected systems automatically.

- DATA MINING - Analyze gigabit traffic and massive amounts
of data with Observer's expanded options for data mining.

- JUNK TRAFFIC - Identify broadcast storms, monitor excessive
traffic, and optimize bandwidth with Observer's many utilization
metrics and over 30 real-time statistics.


US  &  Canada 


toll  free  800.526.5958 
fax  952.932.9545 


UK  &  Europe  +44(0)  1959569880 

www.networkinstruments.com/analyze 


Kall8

Real-time Activation of Toll Free,
Local, and International Telephone Numbers

Toll-free Service As Versatile
as You and Your Business


NO EQUIPMENT TO BUY
NO SOFTWARE TO INSTALL!


Not another VoIP solution!


Toll-free service without the hassle.
Pay-as-you-go with no contract.
Add a toll-free number for only $2*
and keep your current phone service;
there is no need to switch!

Works with every phone system,
whether pulse, tone, digital,
cellular, wireless device, or IP.
Instant activation of numbers!


Keep or choose your toll free
number! Add new numbers anytime!

Control: Take your toll free number
with you and never miss calls!

Freedom: Change where your
toll free number rings with the
click of a mouse!

Flexibility: Route calls by
day, time, call area - even
custom route specific callers!

Intelligence: Record calls,
view call detail - even
capture Caller I.D. on
unanswered calls!


★  24/7  Secure  Online  Control 

★  View/Retrieve  Faxes  and 

Voice  Mail,  online  or  in  email 

★  Real-time  Call  Detail 

★  Reporting  and  analysis  tools 

★  Over  a  Dozen  Features: 

Call  Blocking,  Conferencing, 
Call  Recording,  Custom  Call 
Routing  and  Distribution, 
Automated  Receptionist, 
...and  MORE! 

Truly as little as
$2 per month and
just 6.9¢ per minute!

1.866.930.3131 


Overheated? 

Plug  In 
The  Simple 
Solution. 

MovinCool  spot  air  conditioners 

are  the  answer  to  your  overheating 

problems.  Just  roll  it  in.  Plug  it  in. 

Turn  it  on.  It’s  that  simple. 

►  Up  to  60,000  Btu/h  of  cooling 
power  right  where  and  when 
you  need  it 

►  Protects  against  data  loss  and 
equipment  failure 

►  #1  in  portable  air  conditioning 
for  over  30  years 

►  The  only  portable  air 
conditioner  ETL-verified 
for  performance 


MOVINCOOL


www.kall8.com/nww

Mention "NWW0705" when you call or sign up via the Web,
and we will waive your activation fee!


THE  #1  PORTABLE  SPOT  COOLING  SOLUTION 
800-264-9573  or  visit  www.movincool.com 


©2005 DENSO Sales California, Inc. MovinCool, SpotCool and Office Pro are registered trademarks of DENSO Corporation.
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MARKETPLACE 




SENSAPHONE


networkTAPs ®


TAP  into  Performance 

Monitor  mission-critical  links  with  the 
latest  technology  through  new  nTAPs 


Stop  jeopardizing  network  performance  and  risking  costly  downtime.  Be  confident  you 
have  maximum  visibility  into  your  full-duplex  links  by  configuring  an  nTAP  solution  that 
fits  your  network  and  budget.  Visit  www.networkTAPs.com/visibility  today. 


Ethernet Copper nTAP

For copper-to-copper connections
Choose your speed:

10/100: $395
10/100/1000: $995


10/100/1000 Conversion nTAP

Copper input with copper or
fiber output options
Choose your analysis output:

SX: $1,995
LX: $1,995


Optical Fiber nTAP

Multiple split ratios
Choose your port density:

Single channel: $395
Four channel: $1,795
Six channel: $2,395

To  learn  more  about  how  nTAPs  can  boost  your  network  visibility  and  which  configuration  option 
is  best  for  you,  go  to  www.networkTAPs.com/visibility  or  call  866-GET-nTAP  today. 

Free  overnight  delivery* 


*Free overnight delivery on all U.S. orders over $300.00 confirmed before 12 pm CST.

nTAP and the nTAP logo are trademarks or registered trademarks of Network Instruments, LLC.


nTAP


Tel:  877-373-2700 
www.ims-4000.com 


SENSAPHONE 
01  Tryens  Road 
Aston,  PA  19014 


•  Water  on  the  Floor 

•  Temperature 

•  Power  Problems 

•  Security 

•  Smoke  and  Fire 

•  Humidity 

•  Video 

•  And  much  more 


Looking  ahead  to  your  next  network  project? 
Need  information  now? 

Check out VENDOR SOLUTIONS for the most comprehensive information
on network IT products and solutions for your business including:

• White Papers

• Special Reports

• Marketplace Product Finder

Visit www.networkworld.com/vendorsolutions today.

NETWORKWORLD
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FIBER  OPTIC  SOLUTION 


T1/E1 & T3/E3 Modems
RS-232/422/485 Modems and
Multiplexers

IBM 3270 Coax, AS400 Twinax, and
RS6000 Modems and Multiplexers
LAN - Arcnet/Ethernet/Token Ring
Video/Audio/Hubs/Repeaters
ISO-9001

USB Modem and Hub


Toll Free 866-SITech-1
630-761-3640,  Fax  630-761-3644 
www.sitech-bitdriver.com  or  www.sitechfiber.com 


Monitor  the 


REST  of  your  Computer  Room! 


Dealers  Wanted 


WLAN 

SPECTRUM  ANALYZER 

True  Spectrum  Analysis! 
Not  a  WLAN  chip  set 


All  2.4  and  5 
GHz  bands  in 
one  unit  for 
only  $4400. 

Single band
2.4 GHz unit
for only $2600.

Calibrated Antennas
Immediate Delivery

BANTAM INSTRUMENTS

www.BantamInstruments.com


Power  Internal 
UPS 


Sound 
Monitoring 


(Temperature, Humidity,
Water, Motion, Power,
Smoke/Fire)

Expandable 


Control 

Interface 


Port 


Sends 

SNMP 

Messages 


Monitors  Embedded 

64  Web 

IP 


Sends 


How Do You Distribute
Power in Your Data
Center Cabinet?


With  Sentry! 


CDU  Product  Family:  Metered,  Smart  &  Switched 

• The Sentry CDU distributes power for Blade servers or up to 42 dual
power 1U servers in one enclosure. Single or 3-phase input with
110VAC, 208VAC or mixed 110/208VAC single-phase outlet receptacles

Metered CDU

• Local Input Current Monitoring

Smart CDU

• Local Input Current Monitoring

• Supports External Temperature and
Humidity Probes

• IP Monitoring of Power, Temperatures
and Humidity

Server Technology

tel. +1.775.284.2000
fax +1.775 254 2065


Switched  CDU 

>  Local  input  current  Monitoring 

>  Supports  External  Temperature  and 
Humidity  Probes 

>  IP  Monitoring  of  Power,  Temperatures 
and  Humidity 

>  Remote  Power  Control  of  Each  Outlet 
—  On  /  Off  /  Reboot 
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BACKSPIN 


Mark Gibbs


Sex, lies and source code


It seems like being “economical with the truth” is
all the rage this summer.

The most public case
occurred in the saga of the “Hot Coffee mod” for the game
from Rockstar Games called “Grand Theft Auto: San
Andreas,” or GTA.

If you haven’t followed this, here’s the scoop: Around the
beginning of June rumors began to circulate that there
was an Easter egg — the hip name for hidden code — in
GTA that allowed the player’s avatar (named CJ) to have a
surprisingly good time with his virtual girlfriends.

Subsequently, it became clear that the rumor was true. A
workaround called Hot Coffee had been created by
Dutch programmer Patrick Wildenborg that, once implemented,
exposed some racy content that was otherwise
not visible to game owners. (You can find videos of the
naughty bits all over the ’Net and it is not really very
shocking. I’d argue that you see worse on Fox.)

As far as I can determine, the workaround is not a simple
exercise.

But when Rockstar got called on the carpet by The
Entertainment Software Rating Board, which suddenly
upgraded GTA’s rating to adults only, Rockstar decided to
abuse the truth about the origins of the content.

In a press statement Rockstar included the following
ridiculous explanation: “In violation of the software user
agreement, hackers created the ‘hot coffee’ modification
by disassembling and then combining, recompiling and
altering the game’s source code.”

Isn’t  that  what  hackers  do?  Do  you  know  any  hackers 
who  are  careful  to  not  violate  license  agreements? 
Second,  they  disassembled  and  rebuilt  the  game?!  Please! 
Who  did  Rockstar  think  would  believe  this  tale?  The  press 
release  continued  in  a  similarly  off-the-wall  vein  (see 
Gearblog  for  a  link  to  a  report  on  the  press  release). 

Rockstar’s parent company, Take-Two Interactive
Software, owned up. Yep, the code for the naughty bits was
already  in  there,  and  yes,  that  means  that  Rockstar  lied  to 
the  Entertainment  Software  Ratings  Board,  which  has 
taken  a  lot  of  heat  over  something  that  I  find  hard  to 
believe  they  could  have  prevented. 

Now,  it  seems  everyone  is  up  in  arms,  including  Sen. 
Hillary  Rodham  Clinton  (D-New  York)  who  is  turning  this 
into  a  cause  celebre  by  jumping  on  to  the  family-values 
bandwagon. 

It  makes  you  wonder  whether  Rockstar  knew  about  Hot 
Coffee  all  along  and  intentionally  engineered  this  ruckus. 
Talk  about  getting  press! 

The  other  dissemblance  that  caught  my  eye  recently 
was  from  Microsoft  on  the  topic  of  open  source. 

In  an  interview  on  News.com,  Martin  Taylor,  Microsoft’s 


general manager of platform strategy, was asked, “In what
way is Linux or an open source infrastructure unsuitable?”
Taylor replied: “You can build it, design it, and it will work
great. The trouble begins when you want to add things to
it, add some services and things like that. Because of the
brittle nature of the platform, when you do that, other
things break.”

Pardon? Did I understand you to say that Linux was brittle?
In comparison with what? Surely not with Windows?

Taylor continued the spin: “When it comes to the adding
of modules . . . [Linux] becomes more and more difficult
[to manage].”

Words fail me. Taylor continued with this nonsense,
implying that Microsoft’s Shared Source program that
allows select entities access to up to 65% of the source
code for Microsoft’s core products is comparable to open
source!

Here we have two companies that should know better
standing up in public and, well, lying. They lied about sex
and source code, and in Rockstar’s case they were found
out. When will Microsoft’s lies be exposed for the spin and
sham they are? Will Hillary care?

Tell the truth to backspin@gibbs.com. And check
Gearblog (www.networkworld.com/weblogs/gearblog)
for links for this column. Links to be posted on Gearblog.


NET BUZZ


News, insights, opinions and oddities


Paul McNamara


They’ve got you covered

The bad news is that your company just wired a six-figure
payment to an extortionist’s offshore bank account in
exchange for a pledge from the criminal — whatever
that's worth — to spare your network from a threatened
distributed denial-of-service attack.

The  good  news  is  someone  at  your  company  had  the  foresight  to  buy  insurance  that 
covers  this  kind  of  unnatural  disaster. 

What? You say you didn't know that insurance policies cover cyberextortion payments?
Join the club.

The details are fascinating: If you buy such coverage from Chubb Corp., for example,
the actual extortion payment can be covered for up to $25 million, depending on what
premium you're prepared to pay, says Tracey Vispoli, a Chubb vice president.

And that’s just the start. Should the payment "be destroyed, disappear or be confiscated
for some reason or another,” fear not, as that loss is covered, too, Vispoli says.
Need to hire an independent negotiator to handle the ugliness of dealing with an extortionist?
Covered. Need a public relations cleansing as a result of bad publicity?
Chubb's got your back. Even travel expenses — the criminal demands a drop at the
base of the Eiffel Tower — will be reimbursed. (I neglected to ask whether you could
claim hotel movie rentals.)

So here we have yet another good reason that paying off cyberextortionists should
be against the law, as I’ve been arguing for a couple of months. If corporate victims literally
have nothing to lose, well, paying an extortionist to go away suddenly looks more
prudent than making a potentially expensive stand on principle. That such payments
are bad for society as a whole seems beyond debate.

Of course, the existence of this insurance offers yet another good reason that lawmakers
are unlikely to outlaw the payments. Not only would they face the wrath of corporate
interests that would just as soon maintain the option of paying, they’d have to
take on the notoriously powerful insurance industry, which is apparently profiting quite
nicely from the status quo.

I certainly do not blame the insurance companies for selling this coverage, or corporations
for buying it. Vispoli says about a quarter of companies carry some kind of
cyberinsurance and that it’s within these broader policies that you’ll find specific
coverage for extortion. There is an underwriting process that precedes this coverage,
so at the very least a company buying it has the opportunity to test its perimeter
defenses.

"We  do  require  that  the  insured  go  through  a  third-party  security  audit  that  looks 
very  much  the  same  as  the  ISO-17799,”  Vispoli  says. 

One thing for certain is that the insurance industry is having no trouble finding takers
for cyberextortion coverage, because the number of victims is going nowhere but up.

"My sources would suggest that this particular type of peril is on the rise,” Vispoli
says. “The problem is obtaining statistical information. There's a suggestion that perhaps
70% of such events go unreported. They don't want the public relations nightmare
that is associated with an extortion demand.”

Which  left  me  pleasantly  surprised  to  learn  that  Chubb  requires  by  contract  that  its 
customers  report  extortion  demands  to  the  authorities.  I’ve  argued  that  it  should  be 
legally  mandated  as  well. 

“We feel that with good law-enforcement involvement there is a possibility of mitigating
our loss, particularly if the criminals are apprehended," Vispoli says. “And without
law-enforcement involvement there is going to be virtually no hope whatsoever of
catching the crook.”

Self-serving to be sure, but it’s also common sense.

Finally, I asked Vispoli whether the insurance industry is, in essence, encouraging
cyberextortion by providing a relatively painless means for corporations to pay.

“Are we creating a moral hazard?” she asks, apparently having fielded the question
before. “That’s why we ask the FBI to be involved. Of course, we’re not creating a moral
hazard. We are creating an ability for the insured to remedy a situation and yet be
involved with law enforcement.”

Remedying the situation sounds so much more responsible than creating a moral
hazard.

Care to hazard an opinion? The address is buzz@nww.com.

